Class: Gy::Session

Inherits:

Object

• Object
• Gy::Session

Defined in:

lib/gy/session.rb

Class Method Summary

• .decrypt_cookie(cookie_string, mode = 'json') ⇒ Object

  页面上的cookie解密成session数据.

• .encrypt_to_cookie(session_json, mode = 'json') ⇒ Object

  session加密成cookie.

Class Method Details

.decrypt_cookie(cookie_string, mode = 'json') ⇒ Object

页面上的cookie解密成session数据

# File 'lib/gy/session.rb', line 4

def self.decrypt_cookie(cookie_string, mode = 'json')
  serializer = case mode
  when 'json' then JSON
  when 'marshal' then ActiveSupport::MessageEncryptor::NullSerializer
  end

  cookie = CGI::unescape(cookie_string.strip)
  salt = Rails.configuration.action_dispatch.encrypted_cookie_salt
  signed_salt = Rails.configuration.action_dispatch.encrypted_signed_cookie_salt
  key_generator = ActiveSupport::KeyGenerator.new(Rails.application.secrets.secret_key_base, iterations: 1000)
  secret = key_generator.generate_key(salt)[0, 32]
  sign_secret = key_generator.generate_key(signed_salt)
  encryptor = ActiveSupport::MessageEncryptor.new(secret, sign_secret, serializer: serializer)
  result = encryptor.decrypt_and_verify(cookie)

  (mode == 'marshal') ? Marshal.load(result) : result
end

.encrypt_to_cookie(session_json, mode = 'json') ⇒ Object

session加密成cookie

# File 'lib/gy/session.rb', line 23

def self.encrypt_to_cookie(session_json, mode = 'json')
  serializer = case mode
  when 'json' then JSON
  when 'marshal' then ActiveSupport::MessageEncryptor::NullSerializer
  end

  salt = Rails.configuration.action_dispatch.encrypted_cookie_salt
  signed_salt = Rails.configuration.action_dispatch.encrypted_signed_cookie_salt
  key_generator = ActiveSupport::KeyGenerator.new(Rails.application.secrets.secret_key_base, iterations: 1000)
  secret = key_generator.generate_key(salt)[0, 32]
  sign_secret = key_generator.generate_key(signed_salt)
  encryptor = ActiveSupport::MessageEncryptor.new(secret, sign_secret, serializer: serializer)
  result = encryptor.encrypt_and_sign(session_json)

  result
end