From 2b7dbad8e081b1ce84a7262b1b0953254bf8f651 Mon Sep 17 00:00:00 2001 From: Rick Olson Date: Tue, 6 Mar 2007 04:09:14 +0000 Subject: Add a #dbman attr_reader for CGI::Session and make CGI::Session::CookieStore#generate_digest public so it's easy to generate digests using the cookie store's secret. [Rick] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6342 5ecf4fe2-1ee6-0310-87b1-e25e094e27de --- actionpack/lib/action_controller/session/cookie_store.rb | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'actionpack/lib/action_controller/session/cookie_store.rb') diff --git a/actionpack/lib/action_controller/session/cookie_store.rb b/actionpack/lib/action_controller/session/cookie_store.rb index d232dd448c..fe2d96e17d 100644 --- a/actionpack/lib/action_controller/session/cookie_store.rb +++ b/actionpack/lib/action_controller/session/cookie_store.rb @@ -94,6 +94,12 @@ class CGI::Session::CookieStore write_cookie('value' => '', 'expires' => 1.year.ago) end + # Generate the HMAC keyed message digest. Uses SHA1 by default. + def generate_digest(data) + key = @secret.respond_to?(:call) ? @secret.call(@session) : @secret + OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new(@digest), key, data) + end + private # Marshal a session hash into safe cookie data. Include an integrity hash. def marshal(session) @@ -113,12 +119,6 @@ class CGI::Session::CookieStore end end - # Generate the HMAC keyed message digest. Uses SHA1 by default. - def generate_digest(data) - key = @secret.respond_to?(:call) ? @secret.call(@session) : @secret - OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new(@digest), key, data) - end - # Read the session data cookie. def read_cookie @session.cgi.cookies[@cookie_options['name']].first -- cgit v1.2.3