lib/double_trouble/protection.rb in double_trouble-0.1.1 vs lib/double_trouble/protection.rb in double_trouble-0.2.0
- old
+ new
@@ -1,24 +1,22 @@
module DoubleTrouble
module Protection
- def self.included(base)
- base.class_eval do
- class_inheritable_accessor :allow_double_trouble_protection
- cattr_accessor :double_trouble_nonce_store
- cattr_accessor :double_trouble_nonce_param
- helper_method :protect_against_double_trouble?, :double_trouble_nonce_param, :double_trouble_form_nonce
+ extend ActiveSupport::Concern
- self.allow_double_trouble_protection = true
+ included do
+ class_inheritable_accessor :allow_double_trouble_protection
+ cattr_accessor :double_trouble_nonce_store
+ cattr_accessor :double_trouble_nonce_param
+ helper_method :protect_against_double_trouble?, :double_trouble_nonce_param, :double_trouble_form_nonce
- extend(ClassMethods)
- end
+ self.allow_double_trouble_protection = true
end
module ClassMethods
def protect_from_double_trouble(resource_name, options = {})
- self.double_trouble_nonce_param ||= :form_nonce
- self.double_trouble_nonce_store ||= CachedNonce
+ self.double_trouble_nonce_param ||= :form_nonce
+ self.double_trouble_nonce_store ||= CachedNonce
around_filter(options.slice(:only, :except)) do |controller, action_block|
if controller.send(:protect_against_double_trouble?)
nonce = controller.params[double_trouble_nonce_param]
@@ -34,16 +32,17 @@
end
end
end
end
- protected
+ module InstanceMethods
+ protected
+ def double_trouble_form_nonce
+ ActiveSupport::SecureRandom.base64(32)
+ end
- def double_trouble_form_nonce
- ActiveSupport::SecureRandom.base64(32)
- end
-
- def protect_against_double_trouble?
- allow_double_trouble_protection && double_trouble_nonce_store && double_trouble_nonce_param
+ def protect_against_double_trouble?
+ allow_double_trouble_protection && double_trouble_nonce_store && double_trouble_nonce_param
+ end
end
end
end