Class: SimpleTokenAuthentication::TokenComparator

Inherits:
Object
  • Object
show all
Defined in:
lib/simple_token_authentication/token_comparator.rb

Instance Method Summary collapse

Instance Method Details

#compare(a, b) ⇒ Object

Compare two String instances

Important: this method is cryptographically critical and must be implemented with care when defining new token comparators.

Returns true if String instances do match, false otherwise



12
13
14
15
16
17
18
# File 'lib/simple_token_authentication/token_comparator.rb', line 12

def compare(a, b)
  # Notice how we use Devise.secure_compare to compare tokens
  # while mitigating timing attacks.
  # See http://rubydoc.info/github/plataformatec/\
  #            devise/master/Devise#secure_compare-class_method
  Devise.secure_compare(a, b)
end