class SecureCompareRotator
Ruby on Rails 6.1.7.10
Since v6.1.7.10The ActiveSupport::SecureCompareRotator is a wrapper around ActiveSupport::SecurityUtils.secure_compare and allows you to rotate a previously defined value to a new one.
It can be used as follow:
rotator = ActiveSupport::SecureCompareRotator.new('new_production_value') rotator.rotate('previous_production_value') rotator.secure_compare!('previous_production_value')
One real use case example would be to rotate a basic auth credentials:
class MyController < ApplicationController def authenticate_request rotator = ActiveSupport::SecureComparerotator.new('new_password') rotator.rotate('old_password') authenticate_or_request_with_http_basic do |username, password| rotator.secure_compare!(password) rescue ActiveSupport::SecureCompareRotator::InvalidMatch false end end end
Inherits from
Includes
Constants
Methods (defined here)
- # secure_compare!
- self. new
Private methods
(1)
Implementation detail — not part of the public API.
Methods (inherited)
From ActiveSupport::SecurityUtils (2)
- self. fixed_length_secure_compare
- self. secure_compare
From Object (17)
- # acts_like?
- # blank?
- # deep_dup
- # duplicable?
- # html_safe?
- # in?
- # instance_values
- # instance_variable_names
- # presence
- # presence_in
- # present?
- # to_param
- # to_query
- # try
- # try!
- # unescape
- # with_options
From ActiveRecord::TestFixtures (4)
From ActiveSupport::Concern (3)
- # class_methods
- # included
- # prepended