From 48c703b055a6b287100f3c0fbc18f1294d7c7af4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rafael=20Mendon=C3=A7a=20Fran=C3=A7a?= Date: Wed, 4 Dec 2013 23:11:42 -0200 Subject: Make salt argument required for message verifier --- railties/CHANGELOG.md | 4 ++-- railties/lib/rails/application.rb | 12 ++++++------ railties/test/application/configuration_test.rb | 10 +++++----- 3 files changed, 13 insertions(+), 13 deletions(-) (limited to 'railties') diff --git a/railties/CHANGELOG.md b/railties/CHANGELOG.md index 255e49356f..166080c5b0 100644 --- a/railties/CHANGELOG.md +++ b/railties/CHANGELOG.md @@ -2,8 +2,8 @@ This verifier can be used to generate and verify signed messages in the application. - message = Rails.application.message_verifier.generate('my sensible data') - Rails.application.message_verifier.verify(message) + message = Rails.application.message_verifier('salt').generate('my sensible data') + Rails.application.message_verifier('salt').verify(message) # => 'my sensible data' It is recommended not to use the same verifier for different things, so you can get different diff --git a/railties/lib/rails/application.rb b/railties/lib/rails/application.rb index df64736e62..e45bfaf6fc 100644 --- a/railties/lib/rails/application.rb +++ b/railties/lib/rails/application.rb @@ -169,18 +169,18 @@ module Rails # # ==== Parameters # - # * +verifier_name+ - the name of verifier you want to get. + # * +salt+ - the salt that will be used to generate the secret key of the verifier. # # ==== Examples # - # message = Rails.application.message_verifier.generate('my sensible data') - # Rails.application.message_verifier.verify(message) + # message = Rails.application.message_verifier('salt').generate('my sensible data') + # Rails.application.message_verifier('salt').verify(message) # # => 'my sensible data' # # See the +ActiveSupport::MessageVerifier+ documentation for more information. - def message_verifier(verifier_name = 'default') - @message_verifiers[verifier_name] ||= begin - secret = key_generator.generate_key(verifier_name) + def message_verifier(salt) + @message_verifiers[salt] ||= begin + secret = key_generator.generate_key(salt) ActiveSupport::MessageVerifier.new(secret) end end diff --git a/railties/test/application/configuration_test.rb b/railties/test/application/configuration_test.rb index 585d52d258..722c940d8e 100644 --- a/railties/test/application/configuration_test.rb +++ b/railties/test/application/configuration_test.rb @@ -274,11 +274,11 @@ module ApplicationTests app.config.session_store :disabled end - message = app.message_verifier.generate("some_value") + message = app.message_verifier('salt').generate("some_value") - assert_equal 'some_value', Rails.application.message_verifier.verify(message) + assert_equal 'some_value', Rails.application.message_verifier('salt').verify(message) - secret = app.key_generator.generate_key('default') + secret = app.key_generator.generate_key('salt') verifier = ActiveSupport::MessageVerifier.new(secret) assert_equal 'some_value', verifier.verify(message) end @@ -289,7 +289,7 @@ module ApplicationTests app.config.session_store :disabled end - default_verifier = app.message_verifier + default_verifier = app.message_verifier('salt') text_verifier = app.message_verifier('text') message = text_verifier.generate('some_value') @@ -299,7 +299,7 @@ module ApplicationTests default_verifier.verify(message) end - assert_equal default_verifier.object_id, app.message_verifier.object_id + assert_equal default_verifier.object_id, app.message_verifier('salt').object_id assert_not_equal default_verifier.object_id, text_verifier.object_id end -- cgit v1.2.3