API Guides

instance method verify

Ruby on Rails 7.2.3

Since v2.3.18

Available in: v2.3.18 v3.0.20 v3.1.12 v3.2.22.5 v4.0.13 v4.1.16 v4.2.9 v5.2.8.1 v6.0.6 v6.1.7.10 v7.0.10 v7.1.6 v7.2.3 v8.0.4 v8.1.2 

verify(message, **options)

Decodes the signed message using the MessageVerifier‘s secret.

verifier = ActiveSupport::MessageVerifier.new("secret")
signed_message = verifier.generate("signed message")

verifier.verify(signed_message) # => "signed message"

Raises InvalidSignature if the message was not signed with the same secret or was not Base64-encoded.

other_verifier = ActiveSupport::MessageVerifier.new("different_secret")
other_verifier.verify(signed_message) # => ActiveSupport::MessageVerifier::InvalidSignature

Options

:purpose

The purpose that the message was generated with. If the purpose does not match, verify will raise ActiveSupport::MessageVerifier::InvalidSignature.

message = verifier.generate("hello", purpose: "greeting")
verifier.verify(message, purpose: "greeting") # => "hello"
verifier.verify(message, purpose: "chatting") # => raises InvalidSignature
verifier.verify(message)                      # => raises InvalidSignature

message = verifier.generate("bye")
verifier.verify(message)                      # => "bye"
verifier.verify(message, purpose: "greeting") # => raises InvalidSignature

Parameters

message req
options keyrest
Source 
# File activesupport/lib/active_support/message_verifier.rb, line 262
    def verify(message, **options)
      catch_and_raise :invalid_message_format, as: InvalidSignature do
        catch_and_raise :invalid_message_serialization do
          catch_and_raise :invalid_message_content, as: InvalidSignature do
            read_message(message, **options)
          end
        end
      end
    end

Defined in activesupport/lib/active_support/message_verifier.rb line 262 · View on GitHub · Improve this page · Find usages on GitHub

Defined in ActiveSupport::MessageVerifier

Type at least 2 characters to search.

↑↓ navigate · open · esc close