diff options
author | Xavier Noria <fxn@hashref.com> | 2013-12-19 19:59:48 +0100 |
---|---|---|
committer | Xavier Noria <fxn@hashref.com> | 2013-12-19 19:59:48 +0100 |
commit | d0829f46db6721015ded0955bbdf55309fff266c (patch) | |
tree | f912351a84020dab3e78e8df32e11247a6f6509e /guides/source | |
parent | 293a1a68992ba3e3e80f9f0f685e866ff79bf11a (diff) | |
download | rails-d0829f46db6721015ded0955bbdf55309fff266c.tar.gz rails-d0829f46db6721015ded0955bbdf55309fff266c.tar.bz2 rails-d0829f46db6721015ded0955bbdf55309fff266c.zip |
Revert "revises the release notes about message verifiers [ci skip]"
This reverts commit 293a1a68992ba3e3e80f9f0f685e866ff79bf11a.
Diffstat (limited to 'guides/source')
-rw-r--r-- | guides/source/4_1_release_notes.md | 19 |
1 files changed, 8 insertions, 11 deletions
diff --git a/guides/source/4_1_release_notes.md b/guides/source/4_1_release_notes.md index 1ff9ae4aa8..40ab1a1d33 100644 --- a/guides/source/4_1_release_notes.md +++ b/guides/source/4_1_release_notes.md @@ -181,21 +181,18 @@ See its [documentation](http://api.rubyonrails.org/v4.1.0/classes/ActiveRecord/Enum.html) for a detailed write up. -### Message Verifiers +### Application Message Verifier -Message verifiers can be used to generate and verify signed messages. This can -be useful to safely transport sensitive data like remember-me tokens and -friends. - -The method `Rails.application.message_verifier` returns a new message verifier -that signs messages with a key derived from secret_key_base and the given -message verifier name: +The application message verifier can be used to generate and verify signed +messages in the application. This can be useful for remember-me tokens and +friends: ```ruby -signed_token = Rails.application.message_verifier(:remember_me).generate(token) -Rails.application.message_verifier(:remember_me).verify(signed_token) # => token +signed_message = Rails.application.message_verifier('salt').generate('my sensible data') +Rails.application.message_verifier('salt').verify(signed_message) +# => 'my sensible data' -Rails.application.message_verifier(:remember_me).verify(tampered_token) +Rails.application.message_verifier('salt').verify(tampered_message) # raises ActiveSupport::MessageVerifier::InvalidSignature ``` |