class SimpleTokenAuthentication::TokenComparator

Public Instance Methods

compare(a, b) click to toggle source

Compare two String instances

Important: this method is cryptographically critical and must be implemented with care when defining new token comparators.

Returns true if String instances do match, false otherwise

# File lib/simple_token_authentication/token_comparator.rb, line 13
def compare(a, b)
  # Notice how we use Devise.secure_compare to compare tokens
  # while mitigating timing attacks.
  # See http://rubydoc.info/github/plataformatec/\
  #            devise/master/Devise#secure_compare-class_method
  Devise.secure_compare(a, b)
end