Module: ActionDispatch::Cookies::VerifyAndUpgradeLegacySignedMessage

Included in:
UpgradeLegacyEncryptedCookieJar, UpgradeLegacySignedCookieJar
Defined in:
actionpack/lib/action_dispatch/middleware/cookies.rb

Overview

Passing the ActiveSupport::MessageEncryptor::NullSerializer downstream to the MessageEncryptor,Verifier allows us to handle the (de)serialization step within the cookie jar, which gives us the opportunity to detect and migrate legacy cookies.

Instance Method Summary collapse

Instance Method Details

#initialize(*args) ⇒ Object


250
251
252
253
# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 250

def initialize(*args)
  super
  @legacy_verifier = ActiveSupport::MessageVerifier.new(request.secret_token, serializer: ActiveSupport::MessageEncryptor::NullSerializer)
end

#verify_and_upgrade_legacy_signed_message(name, signed_message) ⇒ Object


255
256
257
258
259
260
261
# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 255

def verify_and_upgrade_legacy_signed_message(name, signed_message)
  deserialize(name, @legacy_verifier.verify(signed_message)).tap do |value|
    self[name] = { value: value }
  end
rescue ActiveSupport::MessageVerifier::InvalidSignature
  nil
end