Skip to content

Commit ad5e608

Browse files
olleolleolleolleolleolle
committed
Verifier: make Verifier support old and new Verifier tokens
When we have run this code for a while, we can remove this Rails 7.0-compatible fallback code. The links in the code comment lead to where we need to change when we upgrade, one more time.
1 parent 6b35ffd commit ad5e608

File tree

2 files changed

+32
-2
lines changed

2 files changed

+32
-2
lines changed

lib/verifier.rb

Lines changed: 15 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,21 @@ def verify(model)
2020
private
2121

2222
def verifier
23-
@verifier ||= ActiveSupport::MessageVerifier.new(Rails.application.config.secret_key_base)
23+
@verifier ||= begin
24+
# This is a Rails 7.1 MessageVerifier, which is Rails 7.0-compatible verifier - as a fallback.
25+
#
26+
# Read more:
27+
# https://api.rubyonrails.org/v7.0/classes/ActiveSupport/MessageVerifier.html
28+
# https://api.rubyonrails.org/v7.1/classes/ActiveSupport/MessageVerifier.html
29+
# https://api.rubyonrails.org/v8.0.2.1/classes/ActiveSupport/MessageVerifier.html
30+
31+
verifier = ActiveSupport::MessageVerifier.new(Rails.application.config.secret_key_base)
32+
# Rails 7.0 default: Marshal. Rails 7.1 (the default) is :json_allow_marshal.
33+
verifier.rotate(serializer: Marshal)
34+
# Rails 7.0 default: "SHA1". Rails 7.1 (the default) is "SHA256".
35+
verifier.rotate(digest: 'SHA1')
36+
verifier
37+
end
2438
end
2539

2640
def generate_access_token

spec/lib/verifier_spec.rb

Lines changed: 17 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@
66
end
77

88
it 'generates access_token for an id' do
9-
expect(Verifier.new(id: 1).access_token).to be_eql('BAhpBg==--30d45b871c77098a0ba79cf27dd532650ca75531')
9+
expect(Verifier.new(id: 1).access_token).to eq('MQ==--a3487195ba15b69d4aa07b7da0234463b82c96b3')
1010
end
1111

1212
it 'verifies a model' do
@@ -15,4 +15,20 @@
1515

1616
expect(Verifier.new(token: access_token).verify(Member)).to eq(member)
1717
end
18+
19+
context 'with an access token from Rails 7.0' do
20+
it 'verifies a model' do
21+
member = Fabricate(:member)
22+
access_token = build_access_token_from_rails70(member.id)
23+
24+
expect(Verifier.new(token: access_token).verify(Member)).to eq(member)
25+
end
26+
27+
def build_access_token_from_rails70(id)
28+
# Old Rails 7.0 default was Marshal. Rails 7.1 (the default) is :json_allow_marshal.
29+
# Old Rails 7.0 default was "SHA1". Rails 7.1 (the default) is "SHA256".
30+
verifier = ActiveSupport::MessageVerifier.new(Rails.application.config.secret_key_base, serializer: Marshal, digest: 'SHA1')
31+
verifier.generate(id)
32+
end
33+
end
1834
end

0 commit comments

Comments
 (0)