Sha256: 5f4a080111d4d3ea8fea8572dcd70e62adae5d93cd7ca22da2300fd69f7e1f05
Contents?: true
Size: 1.48 KB
Versions: 3
Compression:
Stored size: 1.48 KB
Contents
= Double Trouble
Adds nonces to your Rails' forms, avoiding duplicates by sending the
same form again (when the user has ADHD, as well in the other
situations).
== Installation
gem install double_trouble
== Usage
class CommentsController < ApplicationController
protect_from_double_trouble :comment, :only => :create
def create
@comment = Comment.new(params[:comment])
if @comment.save
# ordinary stuff
end
end
end
Double trouble works quite similar to CSRF protection
(authenticity_token) - it adds form_nonce parameter to your
forms. After the protected model is successfully saved (when
new_record? returns false), it stores received form_nonce in the
Rails.cache by default (you can easily replace the default store by DB
backend for instance).
== Configuration
You can globally turn the protection off (test environment?):
ActionController::Base.allow_double_trouble_protection = false
Default nonce store can be changed:
ActionController::Base.double_trouble_nonce_store = FormNonce
FormNonce class must implement two class methods:
def self.valid?(nonce)
# checks if the nonce has not been used before
end
def self.store!(nonce)
# stores the given nonce somewhere
end
The name of the form nonce param can be changed as well:
ActionController::Base.double_trouble_nonce_param = :double_trouble_nonce
== Copyright
Copyright (c) 2010 Jakub Kuźma. See LICENSE[http://github.com/qoobaa/form_nonce/raw/master/LICENSE] for details.
Version data entries
3 entries across 3 versions & 1 rubygems
| Version | Path |
|---|---|
| double_trouble-0.2.1 | README.rdoc |
| double_trouble-0.2.0 | README.rdoc |
| double_trouble-0.1.1 | README.rdoc |