signed

signed()

Instance Public methods

Returns a jar that'll automatically generate a signed representation of cookie value and verify it when reading from the cookie again. This is useful for creating cookies with values that the user is not supposed to change. If a signed cookie was tampered with by the user (or a 3rd party), nil will be returned.

If secrets.secret_key_base and secrets.secret_token (deprecated) are both set, legacy cookies signed with the old key generator will be transparently upgraded.

This jar requires that you set a suitable secret for the verification on your app's secrets.secret_key_base.

Example:

cookies.signed[:discount] = 45
# => Set-Cookie: discount=BAhpMg==--2c1c6906c90a3bc4fd54a51ffb41dffa4bf6b5f7; path=/

cookies.signed[:discount] # => 45

Links:

https://github.com/rails/rails/blob/29ec4f54c972df9df1ebad49654cbf06fd7d2457/actionpack/lib/action_dispatch/middleware/cookies.rb#L134

doc_ruby_on_rails

2015-06-20 00:00:00

Comments