Module: ActionDispatch::Cookies::ChainedCookieJars

Relationships & Source Files
Extension / Inclusion / Inheritance Descendants
Included In: `::ActionController::RequestForgeryProtection::ProtectionMethods::NullSession::NullCookieJar`, `AbstractCookieJar`, `CookieJar`, `EncryptedKeyRotatingCookieJar`, `PermanentCookieJar`, `SignedKeyRotatingCookieJar`
Defined in:	actionpack/lib/action_dispatch/middleware/cookies.rb

Overview

Include in a cookie jar to allow chaining, e.g. cookies.permanent.signed.

Instance Attribute Summary

#prepare_upgrade_legacy_hmac_aes_cbc_cookies? ⇒ Boolean readonly private
#upgrade_legacy_hmac_aes_cbc_cookies? ⇒ Boolean readonly private

Instance Method Summary

#encrypted

Returns a jar that’ll automatically encrypt cookie values before sending them to the client and will decrypt them for read.
#permanent

Returns a jar that’ll automatically set the assigned cookies to have an expiration date 20 years from now.
#signed

Returns a jar that’ll automatically generate a signed representation of cookie value and verify it when reading from the cookie again.
#signed_or_encrypted

Returns the #signed or #encrypted jar, preferring #encrypted if secret_key_base is set.
#encrypted_cookie_cipher private
#signed_cookie_digest private

Instance Attribute Details

#prepare_upgrade_legacy_hmac_aes_cbc_cookies? ⇒ `Boolean` (readonly, private)

[ GitHub ]

# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 281


def prepare_upgrade_legacy_hmac_aes_cbc_cookies?
  request.secret_key_base.present? &&
    request.authenticated_encrypted_cookie_salt.present? &&
    !request.use_authenticated_cookie_encryption
end

#upgrade_legacy_hmac_aes_cbc_cookies? ⇒ `Boolean` (readonly, private)

[ GitHub ]

# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 274


def upgrade_legacy_hmac_aes_cbc_cookies?
  request.secret_key_base.present? &&
    request.encrypted_signed_cookie_salt.present? &&
    request.encrypted_cookie_salt.present? &&
    request.use_authenticated_cookie_encryption
end

Instance Method Details

#encrypted

Returns a jar that’ll automatically encrypt cookie values before sending them to the client and will decrypt them for read. If the cookie was tampered with by the user (or a 3rd party), nil will be returned.

If config.action_dispatch.encrypted_cookie_salt and config.action_dispatch.encrypted_signed_cookie_salt are both set, legacy cookies encrypted with HMAC AES-256-CBC will be transparently upgraded.

This jar requires that you set a suitable secret for the verification on your app’s secret_key_base.

Example:

cookies.encrypted[:discount] = 45
# => Set-Cookie: discount=DIQ7fw==--K3n//8vvnSbGq9dA--7Xh91HfLpwzbj1czhBiwOg==; path=/

cookies.encrypted[:discount] # => 45

[ GitHub ]

# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 258


def encrypted
  @encrypted ||= EncryptedKeyRotatingCookieJar.new(self)
end

#encrypted_cookie_cipher (private)

[ GitHub ]

# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 287


def encrypted_cookie_cipher
  request.encrypted_cookie_cipher || "aes-256-gcm"
end

#permanent

Returns a jar that’ll automatically set the assigned cookies to have an expiration date 20 years from now. Example:

cookies.permanent[:prefers_open_id] = true
# => Set-Cookie: prefers_open_id=true; path=/; expires=Sun, 16-Dec-2029 03:24:16 GMT

This jar is only meant for writing. You’ll read permanent cookies through the regular accessor.

This jar allows chaining with the signed jar as well, so you can set permanent, signed cookies. Examples:

cookies.permanent.signed[:remember_me] = current_user.id
# => Set-Cookie: remember_me=BAhU--848956038e692d7046deab32b7131856ab20e14e; path=/; expires=Sun, 16-Dec-2029 03:24:16 GMT

[ GitHub ]

# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 224


def permanent
  @permanent ||= PermanentCookieJar.new(self)
end

#signed

Returns a jar that’ll automatically generate a signed representation of cookie value and verify it when reading from the cookie again. This is useful for creating cookies with values that the user is not supposed to change. If a signed cookie was tampered with by the user (or a 3rd party), nil will be returned.

This jar requires that you set a suitable secret for the verification on your app’s secret_key_base.

Example:

cookies.signed[:discount] = 45
# => Set-Cookie: discount=BAhpMg==--2c1c6906c90a3bc4fd54a51ffb41dffa4bf6b5f7; path=/

cookies.signed[:discount] # => 45

[ GitHub ]

# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 240


def signed
  @signed ||= SignedKeyRotatingCookieJar.new(self)
end

#signed_cookie_digest (private)

[ GitHub ]

# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 291


def signed_cookie_digest
  request.signed_cookie_digest || "SHA1"
end

#signed_or_encrypted

Returns the #signed or #encrypted jar, preferring #encrypted if secret_key_base is set. Used by ::ActionDispatch::Session::CookieStore to avoid the need to introduce new cookie stores.

[ GitHub ]

# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 264


def signed_or_encrypted
  @signed_or_encrypted ||=
    if request.secret_key_base.present?
      encrypted
    else
      signed
    end
end

Module: ActionDispatch::Cookies::ChainedCookieJars

Overview

Instance Attribute Summary

Instance Method Summary

Instance Attribute Details

#prepare_upgrade_legacy_hmac_aes_cbc_cookies? ⇒ Boolean (readonly, private)

#upgrade_legacy_hmac_aes_cbc_cookies? ⇒ Boolean (readonly, private)

Instance Method Details

#encrypted

#encrypted_cookie_cipher (private)

#permanent

#signed

#signed_cookie_digest (private)

#signed_or_encrypted

#prepare_upgrade_legacy_hmac_aes_cbc_cookies? ⇒ `Boolean` (readonly, private)

#upgrade_legacy_hmac_aes_cbc_cookies? ⇒ `Boolean` (readonly, private)