module UrlSigner::Rails::ControllerHelpers
Public Instance Methods
sign_url(url, options={})
click to toggle source
Sign a url
.
@signed_url = sign_url(some_route_helper_url)
Can also be used as a view helper:
<%= link_to 'Some secret', sign_url(some_secret_action_url) %>
For options
, see UrlSigner#sign
.
# File lib/url_signer/rails.rb, line 24 def sign_url(url, options={}) options = url_signer_options(options) UrlSigner.sign(url, options).to_s end
signature_invalid!()
click to toggle source
Called when an action is called with an invalid signature attached. Will be overridden to enhance behaviour:
class MyController < ActionController::Base before_action :verify_signature! # ... def signature_invalid! redirect_to root_path, notice: 'you URL is not valid anymore' end end
# File lib/url_signer/rails.rb, line 76 def signature_invalid! head :forbidden end
signature_valid?(url=nil, options={})
click to toggle source
Verify a url
.
class MyController < ActionController::Base def my_action # verify the validity of the current called url current_url_valid = signature_valid? # or with another url orher_url_valid = signature_valid?(orher_url) end end
For options
, see UrlSigner#valid?
.
# File lib/url_signer/rails.rb, line 44 def signature_valid?(url=nil, options={}) url ||= request.url options = url_signer_options(options) UrlSigner.valid?(url, options) end
verify_signature!()
click to toggle source
Verify the current url and call signature_invalid!
on failure. This method is intended to be used in a before action.
class MyController < ActionController::Base before_action :verify_signature! def secure_action # can only be accessed from a signed url end end
# File lib/url_signer/rails.rb, line 60 def verify_signature! signature_invalid! unless signature_valid? end