Module: UrlSigner::Rails::ControllerHelpers

Extended by:
ActiveSupport::Concern
Defined in:
lib/url_signer/rails.rb

Instance Method Summary collapse

Instance Method Details

#sign_url(url, options = {}) ⇒ Object

Sign a url.

@signed_url = sign_url(some_route_helper_url)

Can also be used as a view helper:

<%= link_to 'Some secret', sign_url(some_secret_action_url) %>

For options, see UrlSigner#sign.



24
25
26
27
 
# File 'lib/url_signer/rails.rb', line 24

def sign_url(url, options={})
  options = url_signer_options(options)
  UrlSigner.sign(url,  options).to_s
end

#signature_invalid!Object

Called when an action is called with an invalid signature attached. Will be overridden to enhance behaviour:

class MyController < ActionController::Base
  before_action :verify_signature!

  # ...

  def signature_invalid!
    redirect_to root_path, notice: 'you URL is not valid anymore'
  end
end



76
77
78
 
# File 'lib/url_signer/rails.rb', line 76

def signature_invalid!
  head :forbidden
end

#signature_valid?(url = nil, options = {}) ⇒ Boolean

Verify a url.

class MyController < ActionController::Base
  def my_action

    # verify the validity of the current called url
    current_url_valid = signature_valid?

    # or with another url
    orher_url_valid = signature_valid?(orher_url)

  end
end

For options, see UrlSigner#valid?.

Returns:

  • (Boolean) 


44
45
46
47
48
 
# File 'lib/url_signer/rails.rb', line 44

def signature_valid?(url=nil, options={})
  url ||= request.url
  options = url_signer_options(options)
  UrlSigner.valid?(url, options)
end

#verify_signature!Object

Verify the current url and call #signature_invalid! on failure. This method is intended to be used in a before action.

class MyController < ActionController::Base
  before_action :verify_signature!

  def secure_action
    # can only be accessed from a signed url
  end
end



60
61
62
 
# File 'lib/url_signer/rails.rb', line 60

def verify_signature!
  signature_invalid! unless signature_valid?
end