Sha256: d799701c27c7a23225e97160095b3a53655289aa9b3e12acf326bc2e2e92fc4f
Contents?: true
Size: 708 Bytes
Versions: 1
Compression:
Stored size: 708 Bytes
Contents
module SignedForm
module ActionController
module PermitSignedParams
def self.included(base)
base.prepend_before_filter :permit_signed_form_data
end
def permit_signed_form_data
return if request.method == 'GET' || params['form_signature'].blank?
data, signature = params['form_signature'].split('--', 2)
signature ||= ''
raise Errors::InvalidSignature, "Form signature is not valid" unless SignedForm::HMAC.verify_hmac signature, data
allowed_attributes = Marshal.load Base64.strict_decode64(data)
allowed_attributes.each do |k, v|
params[k] = params.require(k).permit(*v)
end
end
end
end
end
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| signed_form-0.0.1 | lib/signed_form/action_controller/permit_signed_params.rb |