Class: ActionController::RequestForgeryProtection::CookieStore
Relationships & Source Files | |
Inherits: | Object |
Defined in: | actionpack/lib/action_controller/metal/request_forgery_protection.rb |
Class Method Summary
- .new(cookie = :csrf_token) ⇒ CookieStore constructor
Instance Method Summary
Constructor Details
.new(cookie = :csrf_token) ⇒ CookieStore
# File 'actionpack/lib/action_controller/metal/request_forgery_protection.rb', line 332
def initialize( = :csrf_token) @cookie_name = end
Instance Method Details
#fetch(request)
[ GitHub ]# File 'actionpack/lib/action_controller/metal/request_forgery_protection.rb', line 336
def fetch(request) contents = request. .encrypted[@cookie_name] return nil if contents.nil? value = JSON.parse(contents) return nil unless value.dig("session_id", "public_id") == request.session.id_was&.public_id value["token"] rescue JSON::ParserError nil end
#reset(request)
[ GitHub ]# File 'actionpack/lib/action_controller/metal/request_forgery_protection.rb', line 359
def reset(request) request. .delete(@cookie_name) end
#store(request, csrf_token)
[ GitHub ]# File 'actionpack/lib/action_controller/metal/request_forgery_protection.rb', line 348
def store(request, csrf_token) request. .encrypted.permanent[@cookie_name] = { value: { token: csrf_token, session_id: request.session.id, }.to_json, httponly: true, same_site: :lax, } end