Method: Volt.current_user_id

Defined in:
lib/volt/volt/users.rb

.current_user_idObject

Get the user_id from the cookie



6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
 
# File 'lib/volt/volt/users.rb', line 6

def current_user_id
  # Check for a user_id from with_user
  if (user_id = Thread.current['with_user_id'])
    return user_id
  end

  user_id_signature = self.user_id_signature

  if user_id_signature.nil?
    nil
  else
    index = user_id_signature.index(':')
    user_id = user_id_signature[0...index]

    if RUBY_PLATFORM != 'opal'
      hash = user_id_signature[(index + 1)..-1]

      # Make sure the user hash matches
      # TODO: We could cache the digest generation for even faster comparisons
      if hash != Digest::SHA256.hexdigest("#{Volt.config.app_secret}::#{user_id}")
        # user id has been tampered with, reject
        fail VoltUserError, 'user id or hash is incorrectly signed.  It may have been tampered with, the app secret changed, or generated in a different app.'
      end

    end

    user_id
  end
end