From af954ddd54e2b720d84bbf781600a4ef30b0c345 Mon Sep 17 00:00:00 2001
From: Claudio B <claudiob@inventati.org>
Date: Mon, 7 Aug 2017 20:32:03 -0700
Subject: [ci skip] Prefer cookies.encrypted over signed (#30129)

In some examples and guides we are recommending to use code like:

```ruby
verified_user = User.find_by(id: cookies.signed[:user_id])
```

My suggestion is to use instead:

```ruby
verified_user = User.find_by(id: cookies.encrypted[:user_id])
```

which invites users to prefer the "newer" encrypted cookies over the
"legacy" signed cookies.
---
 actioncable/lib/action_cable/connection/base.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'actioncable/lib/action_cable')

diff --git a/actioncable/lib/action_cable/connection/base.rb b/actioncable/lib/action_cable/connection/base.rb
index 8dbafe5105..84053db9fd 100644
--- a/actioncable/lib/action_cable/connection/base.rb
+++ b/actioncable/lib/action_cable/connection/base.rb
@@ -26,7 +26,7 @@ module ActionCable
     #
     #       private
     #         def find_verified_user
-    #           User.find_by_identity(cookies.signed[:identity_id]) ||
+    #           User.find_by_identity(cookies.encrypted[:identity_id]) ||
     #             reject_unauthorized_connection
     #         end
     #     end
-- 
cgit v1.2.3