From af954ddd54e2b720d84bbf781600a4ef30b0c345 Mon Sep 17 00:00:00 2001
From: Claudio B
Date: Mon, 7 Aug 2017 20:32:03 -0700
Subject: [ci skip] Prefer cookies.encrypted over signed (#30129)

In some examples and guides we are recommending to use code like:
```ruby
verified_user = User.find_by(id: cookies.signed[:user_id])
```
My suggestion is to use instead:
```ruby
verified_user = User.find_by(id: cookies.encrypted[:user_id])
```
which invites users to prefer the "newer" encrypted cookies over the "legacy" signed cookies.
---
 actioncable/README.md | 2 +-
 actioncable/lib/action_cable/connection/base.rb | 2 +-
 activesupport/lib/active_support/current_attributes.rb | 2 +-
 guides/source/action_cable_overview.md | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/actioncable/README.md b/actioncable/README.md
index 6946dbefb0..9667403673 100644
--- a/actioncable/README.md
+++ b/actioncable/README.md
@@ -53,7 +53,7 @@ module ApplicationCable
 private
 def find_verified_user
- if verified_user = User.find_by(id: cookies.signed[:user_id])
+ if verified_user = User.find_by(id: cookies.encrypted[:user_id])
 verified_user
 else
 reject_unauthorized_connection
diff --git a/actioncable/lib/action_cable/connection/base.rb b/actioncable/lib/action_cable/connection/base.rb
index 8dbafe5105..84053db9fd 100644
--- a/actioncable/lib/action_cable/connection/base.rb
+++ b/actioncable/lib/action_cable/connection/base.rb
@@ -26,7 +26,7 @@ module ActionCable
 #
 # private
 # def find_verified_user
- # User.find_by_identity(cookies.signed[:identity_id]) ||
+ # User.find_by_identity(cookies.encrypted[:identity_id]) ||
 # reject_unauthorized_connection
 # end
 # end
diff --git a/activesupport/lib/active_support/current_attributes.rb b/activesupport/lib/active_support/current_attributes.rb
index 9ab1546064..4e6d8e4585 100644
--- a/activesupport/lib/active_support/current_attributes.rb
+++ b/activesupport/lib/active_support/current_attributes.rb
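Review bot: The `find_verified_user` example in `connection/base.rb` now reads the id through `cookies.encrypted[:identity_id]`, but nothing in the hunk tells the reader that the cookie must also be written with the encrypted jar; a value stored through `cookies.signed` should not decrypt, so an application that changes only the read side would most likely get `nil` and reject every connection. I would add a comment line to the example such as `# Assumes sign-in stored the id with cookies.encrypted[:identity_id] = ...`; the same applies to the `authenticate` example in `current_attributes.rb` and to the README and guide snippets. Both examples fail closed (`reject_unauthorized_connection`, `redirect_to new_session_url`), which is the right default, and saying so helps keep readers from working around a mismatch by reading the unsigned `cookies` jar. The doc comments these lines belong to start and end outside the hunks, so any surrounding wording that still mentions a signed cookie could not be checked here and may need the same update.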
@@ -33,7 +33,7 @@ module ActiveSupport
 #
 # private
 # def authenticate
- # if authenticated_user = User.find_by(id: cookies.signed[:user_id])
+ # if authenticated_user = User.find_by(id: cookies.encrypted[:user_id])
 # Current.user = authenticated_user
 # else
 # redirect_to new_session_url
diff --git a/guides/source/action_cable_overview.md b/guides/source/action_cable_overview.md
index 50a28571b4..31151e0329 100644
--- a/guides/source/action_cable_overview.md
+++ b/guides/source/action_cable_overview.md
@@ -64,7 +64,7 @@ module ApplicationCable
 private
 def find_verified_user
- if verified_user = User.find_by(id: cookies.signed[:user_id])
+ if verified_user = User.find_by(id: cookies.encrypted[:user_id])
 verified_user
 else
 reject_unauthorized_connection
-- cgit v1.2.3