Make salt argument required for message verifier

2022-11-09 12:12:34 -05:00 · 2013-12-04 23:11:42 -02:00 · 2013-12-04 23:11:42 -02:00 · 48c703b055
commit 48c703b055
parent d3d8498867
3 changed files with 13 additions and 13 deletions
--- a/railties/CHANGELOG.md
+++ b/railties/CHANGELOG.md
@ -2,8 +2,8 @@

    This verifier can be used to generate and verify signed messages in the application.

-        message = Rails.application.message_verifier.generate('my sensible data')
-        Rails.application.message_verifier.verify(message)
+        message = Rails.application.message_verifier('salt').generate('my sensible data')
+        Rails.application.message_verifier('salt').verify(message)
        # => 'my sensible data'

    It is recommended not to use the same verifier for different things, so you can get different
--- a/railties/lib/rails/application.rb
+++ b/railties/lib/rails/application.rb
@ -169,18 +169,18 @@ module Rails
    #
    # ==== Parameters
    #
-    # * +verifier_name+ - the name of verifier you want to get.
+    # * +salt+ - the salt that will be used to generate the secret key of the verifier.
    #
    # ==== Examples
    #
-    #     message = Rails.application.message_verifier.generate('my sensible data')
-    #     Rails.application.message_verifier.verify(message)
+    #     message = Rails.application.message_verifier('salt').generate('my sensible data')
+    #     Rails.application.message_verifier('salt').verify(message)
    #     # => 'my sensible data'
    #
    # See the +ActiveSupport::MessageVerifier+ documentation for more information.
-    def message_verifier(verifier_name = 'default')
-      @message_verifiers[verifier_name] ||= begin
-        secret = key_generator.generate_key(verifier_name)
+    def message_verifier(salt)
+      @message_verifiers[salt] ||= begin
+        secret = key_generator.generate_key(salt)
        ActiveSupport::MessageVerifier.new(secret)
      end
    end
--- a/railties/test/application/configuration_test.rb
+++ b/railties/test/application/configuration_test.rb
@ -274,11 +274,11 @@ module ApplicationTests
        app.config.session_store :disabled
      end

-      message = app.message_verifier.generate("some_value")
+      message = app.message_verifier('salt').generate("some_value")

-      assert_equal 'some_value', Rails.application.message_verifier.verify(message)
+      assert_equal 'some_value', Rails.application.message_verifier('salt').verify(message)

-      secret = app.key_generator.generate_key('default')
+      secret = app.key_generator.generate_key('salt')
      verifier = ActiveSupport::MessageVerifier.new(secret)
      assert_equal 'some_value', verifier.verify(message)
    end
@ -289,7 +289,7 @@ module ApplicationTests
        app.config.session_store :disabled
      end

-      default_verifier = app.message_verifier
+      default_verifier = app.message_verifier('salt')
      text_verifier = app.message_verifier('text')

      message = text_verifier.generate('some_value')
@ -299,7 +299,7 @@ module ApplicationTests
        default_verifier.verify(message)
      end

-      assert_equal default_verifier.object_id, app.message_verifier.object_id
+      assert_equal default_verifier.object_id, app.message_verifier('salt').object_id
      assert_not_equal default_verifier.object_id, text_verifier.object_id
    end