diff options
author | Rafael Mendonça França <rafaelmfranca@gmail.com> | 2013-12-04 23:11:42 -0200 |
---|---|---|
committer | Rafael Mendonça França <rafaelmfranca@gmail.com> | 2013-12-04 23:11:42 -0200 |
commit | 48c703b055a6b287100f3c0fbc18f1294d7c7af4 (patch) | |
tree | 9cd9e7da96ae9877a2013d1667d373c5dc2df0e6 | |
parent | d3d84988674dde77236d04181b48468765ed56c8 (diff) | |
download | rails-48c703b055a6b287100f3c0fbc18f1294d7c7af4.tar.gz rails-48c703b055a6b287100f3c0fbc18f1294d7c7af4.tar.bz2 rails-48c703b055a6b287100f3c0fbc18f1294d7c7af4.zip |
Make salt argument required for message verifier
-rw-r--r-- | railties/CHANGELOG.md | 4 | ||||
-rw-r--r-- | railties/lib/rails/application.rb | 12 | ||||
-rw-r--r-- | railties/test/application/configuration_test.rb | 10 |
3 files changed, 13 insertions, 13 deletions
diff --git a/railties/CHANGELOG.md b/railties/CHANGELOG.md index 255e49356f..166080c5b0 100644 --- a/railties/CHANGELOG.md +++ b/railties/CHANGELOG.md @@ -2,8 +2,8 @@ This verifier can be used to generate and verify signed messages in the application. - message = Rails.application.message_verifier.generate('my sensible data') - Rails.application.message_verifier.verify(message) + message = Rails.application.message_verifier('salt').generate('my sensible data') + Rails.application.message_verifier('salt').verify(message) # => 'my sensible data' It is recommended not to use the same verifier for different things, so you can get different diff --git a/railties/lib/rails/application.rb b/railties/lib/rails/application.rb index df64736e62..e45bfaf6fc 100644 --- a/railties/lib/rails/application.rb +++ b/railties/lib/rails/application.rb @@ -169,18 +169,18 @@ module Rails # # ==== Parameters # - # * +verifier_name+ - the name of verifier you want to get. + # * +salt+ - the salt that will be used to generate the secret key of the verifier. # # ==== Examples # - # message = Rails.application.message_verifier.generate('my sensible data') - # Rails.application.message_verifier.verify(message) + # message = Rails.application.message_verifier('salt').generate('my sensible data') + # Rails.application.message_verifier('salt').verify(message) # # => 'my sensible data' # # See the +ActiveSupport::MessageVerifier+ documentation for more information. - def message_verifier(verifier_name = 'default') - @message_verifiers[verifier_name] ||= begin - secret = key_generator.generate_key(verifier_name) + def message_verifier(salt) + @message_verifiers[salt] ||= begin + secret = key_generator.generate_key(salt) ActiveSupport::MessageVerifier.new(secret) end end diff --git a/railties/test/application/configuration_test.rb b/railties/test/application/configuration_test.rb index 585d52d258..722c940d8e 100644 --- a/railties/test/application/configuration_test.rb +++ b/railties/test/application/configuration_test.rb @@ -274,11 +274,11 @@ module ApplicationTests app.config.session_store :disabled end - message = app.message_verifier.generate("some_value") + message = app.message_verifier('salt').generate("some_value") - assert_equal 'some_value', Rails.application.message_verifier.verify(message) + assert_equal 'some_value', Rails.application.message_verifier('salt').verify(message) - secret = app.key_generator.generate_key('default') + secret = app.key_generator.generate_key('salt') verifier = ActiveSupport::MessageVerifier.new(secret) assert_equal 'some_value', verifier.verify(message) end @@ -289,7 +289,7 @@ module ApplicationTests app.config.session_store :disabled end - default_verifier = app.message_verifier + default_verifier = app.message_verifier('salt') text_verifier = app.message_verifier('text') message = text_verifier.generate('some_value') @@ -299,7 +299,7 @@ module ApplicationTests default_verifier.verify(message) end - assert_equal default_verifier.object_id, app.message_verifier.object_id + assert_equal default_verifier.object_id, app.message_verifier('salt').object_id assert_not_equal default_verifier.object_id, text_verifier.object_id end |