authorClaudio B <claudiob@inventati.org>2017-08-07 20:32:03 -0700
committerDavid Heinemeier Hansson <david@loudthinking.com>2017-08-07 22:32:03 -0500
commitaf954ddd54e2b720d84bbf781600a4ef30b0c345 (patch)
tree03aceba16b2b108ce46f3ae4f1a0b4b631fbf6a6
parent7c89948c416fbc32b59e33a0ab454545b4f6fed7 (diff)
[ci skip] Prefer cookies.encrypted over signed (#30129)
In some examples and guides we recommend code like:

```ruby
verified_user = User.find_by(id: cookies.signed[:user_id])
```

My suggestion is to use instead:

```ruby
verified_user = User.find_by(id: cookies.encrypted[:user_id])
```

which invites users to prefer the "newer" encrypted cookies over the "legacy" signed cookies.
-rw-r--r--actioncable/README.md2
-rw-r--r--actioncable/lib/action_cable/connection/base.rb2
-rw-r--r--activesupport/lib/active_support/current_attributes.rb2
-rw-r--r--guides/source/action_cable_overview.md2
4 files changed, 4 insertions, 4 deletions
diff --git a/actioncable/README.md b/actioncable/README.md
index 6946dbefb0..9667403673 100644
--- a/actioncable/README.md
+++ b/actioncable/README.md
@@ -53,7 +53,7 @@ module ApplicationCable
private
def find_verified_user
- if verified_user = User.find_by(id: cookies.signed[:user_id])
+ if verified_user = User.find_by(id: cookies.encrypted[:user_id])
verified_user
else
reject_unauthorized_connection
diff --git a/actioncable/lib/action_cable/connection/base.rb b/actioncable/lib/action_cable/connection/base.rb
index 8dbafe5105..84053db9fd 100644
--- a/actioncable/lib/action_cable/connection/base.rb
+++ b/actioncable/lib/action_cable/connection/base.rb
@@ -26,7 +26,7 @@ module ActionCable
#
# private
# def find_verified_user
- # User.find_by_identity(cookies.signed[:identity_id]) ||
+ # User.find_by_identity(cookies.encrypted[:identity_id]) ||
# reject_unauthorized_connection
# end
# end
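Review bot: The doc-comment example now reads `cookies.encrypted[:identity_id]`, but nothing in the visible comment says the cookie must also be written through the encrypted jar. A value stored with `cookies.signed` should not decrypt, so the lookup would return nil and every connection would fall through to `reject_unauthorized_connection`. I would add one line above `find_verified_user` in the comment, such as `# The cookie must have been set with cookies.encrypted[:identity_id] = ... at sign-in.` The same applies to the `authenticate` example in current_attributes.rb, where a jar mismatch ends in `redirect_to new_session_url` for every request. The doc comment starts and ends outside this hunk, so the write side may already be described there.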
diff --git a/activesupport/lib/active_support/current_attributes.rb b/activesupport/lib/active_support/current_attributes.rb
index 9ab1546064..4e6d8e4585 100644
--- a/activesupport/lib/active_support/current_attributes.rb
+++ b/activesupport/lib/active_support/current_attributes.rb
@@ -33,7 +33,7 @@ module ActiveSupport
#
# private
# def authenticate
- # if authenticated_user = User.find_by(id: cookies.signed[:user_id])
+ # if authenticated_user = User.find_by(id: cookies.encrypted[:user_id])
# Current.user = authenticated_user
# else
# redirect_to new_session_url
diff --git a/guides/source/action_cable_overview.md b/guides/source/action_cable_overview.md
index 50a28571b4..31151e0329 100644
--- a/guides/source/action_cable_overview.md
+++ b/guides/source/action_cable_overview.md
@@ -64,7 +64,7 @@ module ApplicationCable
private
def find_verified_user
- if verified_user = User.find_by(id: cookies.signed[:user_id])
+ if verified_user = User.find_by(id: cookies.encrypted[:user_id])
verified_user
else
reject_unauthorized_connection