Sha256: ef9cf73deb325eb1b30f4125bd56fc9aa9ff994ee21a54fddffcbfeee0fe735c

Contents?: true

Size: 1.16 KB

Versions: 1

Compression:

Stored size: 1.16 KB

Contents

module Vidibus
  module Secure
    module Extensions

      # Contains extensions of ApplicationController.
      module Controller
        extend ActiveSupport::Concern

        included do
          helper_method :valid_request?
        end

        # Generates a signature of a request path.
        # Will use the current request.fullpath unless an URI is given.
        #
        # The given URI will be decomposed into path and request params.
        # A given +signature_param+ will be removed, all remaining params
        # will be ordered alphabetically.
        #
        # Usage:
        #
        #   valid_request?("mysecret")
        #   valid_request?("mysecret", :uri => "http://...", :method => "get", :params => {})
        #
        def valid_request?(secret, options = {})
          method = options.delete(:method) || request.method
          uri = options.delete(:uri) || request.protocol + request.host_with_port + request.fullpath
          params = options.delete(:params) || request.params.except(:action, "action", :controller, "controller", :id, "id")
          Vidibus::Secure.verify_request(method, uri, params, secret)
        end
      end
    end
  end
end

Version data entries

1 entries across 1 versions & 1 rubygems

Version Path
vidibus-secure-0.0.1 lib/vidibus/secure/extensions/controller.rb