aboutsummaryrefslogtreecommitdiffstats
path: root/guides/source/4_1_release_notes.md
diff options
context:
space:
mode:
Diffstat (limited to 'guides/source/4_1_release_notes.md')
-rw-r--r--guides/source/4_1_release_notes.md19
1 files changed, 8 insertions, 11 deletions
diff --git a/guides/source/4_1_release_notes.md b/guides/source/4_1_release_notes.md
index 1ff9ae4aa8..40ab1a1d33 100644
--- a/guides/source/4_1_release_notes.md
+++ b/guides/source/4_1_release_notes.md
@@ -181,21 +181,18 @@ See its
[documentation](http://api.rubyonrails.org/v4.1.0/classes/ActiveRecord/Enum.html)
for a detailed write up.
-### Message Verifiers
+### Application Message Verifier
-Message verifiers can be used to generate and verify signed messages. This can
-be useful to safely transport sensitive data like remember-me tokens and
-friends.
-
-The method `Rails.application.message_verifier` returns a new message verifier
-that signs messages with a key derived from secret_key_base and the given
-message verifier name:
+The application message verifier can be used to generate and verify signed
+messages in the application. This can be useful for remember-me tokens and
+friends:
```ruby
-signed_token = Rails.application.message_verifier(:remember_me).generate(token)
-Rails.application.message_verifier(:remember_me).verify(signed_token) # => token
+signed_message = Rails.application.message_verifier('salt').generate('my sensible data')
+Rails.application.message_verifier('salt').verify(signed_message)
+# => 'my sensible data'
-Rails.application.message_verifier(:remember_me).verify(tampered_token)
+Rails.application.message_verifier('salt').verify(tampered_message)
# raises ActiveSupport::MessageVerifier::InvalidSignature
```
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-07 20:07:22 +0000