diff options
| author | Assain <assainjaleel20@gmail.com> | 2017-07-24 13:30:42 +0530 |
|---|---|---|
| committer | Assain <assainjaleel20@gmail.com> | 2017-07-24 13:45:34 +0530 |
| commit | 97cd2df042c002c38ae960d9bcdaaa64f7bed202 (patch) | |
| tree | b28c55b4478b3c949a2c293de106ba65032a4d9b /activesupport | |
| parent | fbffd2bea5ce009b2d253811b7ea0a14364d244f (diff) | |
| download | rails-97cd2df042c002c38ae960d9bcdaaa64f7bed202.tar.gz rails-97cd2df042c002c38ae960d9bcdaaa64f7bed202.tar.bz2 rails-97cd2df042c002c38ae960d9bcdaaa64f7bed202.zip | |
add to changelog: purpose and expiry support
[ci skip]
Diffstat (limited to 'activesupport')
| -rw-r--r-- | activesupport/CHANGELOG.md | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/activesupport/CHANGELOG.md b/activesupport/CHANGELOG.md index f5542c6d25..ef46bc06e0 100644 --- a/activesupport/CHANGELOG.md +++ b/activesupport/CHANGELOG.md @@ -1,3 +1,31 @@ +* Add purpose and expiry support to `MessageVerifier` & `MessageEncryptor`. + + Messages generated using `MessageVerifier` and `MessageEncryptor` now + support expiry and purpose. You can set the purpose of the message using + the key :purpose, and likewise, the expiration using :expires_at or :expires_in. + + This ensures that the message is used only for its intended purpose and also + while it hasn't expired. + + For instance, to ensure a message is only usable for one intended purpose: + + token = @verifier.generate("x", purpose: :shipping) + + @verifier.verified(token, purpose: :shipping) # => "x" + @verifier.verified(token) # => nil + + Or make it expire after a set time: + + @verifier.generate("x", expires_in: 1.month) + @verifier.generate("y", expires_at: Time.now.end_of_year) + + Showcased with `ActiveSupport::MessageVerifier`, but works the same for + `ActiveSupport::MessageEncryptor`'s `encrypt_and_sign` and `decrypt_and_verify`. + + Pull requests: #29599, #29854 + + *Assain Jaleel* + * Make the order of `Hash#reverse_merge!` consistent with `HashWithIndifferentAccess`. *Erol Fornoles* |