Module: ActionDispatch::Cookies::VerifyAndUpgradeLegacySignedMessage

Included in:
UpgradeLegacyEncryptedCookieJar, UpgradeLegacySignedCookieJar
Defined in:
actionpack/lib/action_dispatch/middleware/cookies.rb

Overview

Passing the ActiveSupport::MessageEncryptor::NullSerializer downstream to the MessageEncryptor,Verifier allows us to handle the (de)serialization step within the cookie jar, which gives us the opportunity to detect and migrate legacy cookies.

Instance Method Summary collapse

Instance Method Details

#initialize(*args) ⇒ Object


185
186
187
188
# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 185

def initialize(*args)
  super
  @legacy_verifier = ActiveSupport::MessageVerifier.new(@options[:secret_token], serializer: ActiveSupport::MessageEncryptor::NullSerializer)
end

#verify_and_upgrade_legacy_signed_message(name, signed_message) ⇒ Object


190
191
192
193
194
195
196
# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 190

def verify_and_upgrade_legacy_signed_message(name, signed_message)
  deserialize(name, @legacy_verifier.verify(signed_message)).tap do |value|
    self[name] = { value: value }
  end
rescue ActiveSupport::MessageVerifier::InvalidSignature
  nil
end