Class: Gretel::Trails::UrlStore
- Defined in:
- lib/gretel/trails/stores/url_store.rb
Class Attribute Summary collapse
-
.secret ⇒ Object
Secret used for crypting trail in URL that should be set to something unguessable.
Class Method Summary collapse
-
.retrieve(key) ⇒ Object
Securely decodes a URL trail string to encoded array.
-
.save(array) ⇒ Object
Securely encodes encoded array to a trail string to be used in URL.
Methods inherited from Store
decode, delete_all_keys, delete_expired, encode, key_count
Class Attribute Details
.secret ⇒ Object
Secret used for crypting trail in URL that should be set to something unguessable. This is required when using trails, for the reason that unencrypted trails would be vulnerable to cross-site scripting attacks.
8 9 10 |
# File 'lib/gretel/trails/stores/url_store.rb', line 8 def secret @secret end |
Class Method Details
.retrieve(key) ⇒ Object
Securely decodes a URL trail string to encoded array.
19 20 21 22 23 24 25 26 27 28 29 30 31 |
# File 'lib/gretel/trails/stores/url_store.rb', line 19 def retrieve(key) hash, base64 = key.split("_", 2) if base64.blank? Rails.logger.info "[Gretel] Trail decode failed: No Base64 in trail" [] elsif hash == generate_hash(base64) decode_base64(base64) else Rails.logger.info "[Gretel] Trail decode failed: Invalid hash '#{hash}' in trail" [] end end |
.save(array) ⇒ Object
Securely encodes encoded array to a trail string to be used in URL.
11 12 13 14 15 16 |
# File 'lib/gretel/trails/stores/url_store.rb', line 11 def save(array) base64 = encode_base64(array) hash = generate_hash(base64) [hash, base64].join("_") end |