activerecord-session_store icon indicating copy to clipboard operation
activerecord-session_store copied to clipboard

Published 20 hours ago verified publisher icon rails

Optionally sign or encrypt cookie

Open rchekaluk opened this issue 6 years ago • 6 comments

This change fixes #48 by optionally signing or encrypting the cookie. Although #48 primarily concerns signing, I also added encryption support for completeness (though as mentioned here, this is technically not necessary).

Two new configuration parameters are defined: sign_cookie, encrypt_cookie. Both default to false for backwards compatibility.

sign_cookie encrypt_cookie Behavior
false false Cleartext cookie
false true Encrypted cookie
true false Signed cookie
true true Encrypted cookie

The tests succeed under Rails 4, 5, and 6.

rchekaluk avatar Feb 23 '19 16:02 rchekaluk

I have yet to review the code yet, but just want to give you a heads up that I'll be cutting a new patch version first since we're overdue for one, and this feature can go with the next minor version.

sikachu avatar Feb 26 '19 01:02 sikachu

Ping @sikachu ?

rchekaluk avatar Jul 16 '19 10:07 rchekaluk

@rafaelfranca what do you think about this feature? I forgot that it's here for about a year now ...

Do you think this is a good feature to have?

sikachu avatar Jan 27 '20 06:01 sikachu

Ping @sikachu ? This seems like a solid addition to the gem.

rchekaluk avatar Oct 12 '20 11:10 rchekaluk

Hi @sikachu @rafaelfranca this PR has been updated for all rubies and Rails declared in its GitHub Actions workflow.

If possible, it would be appreciated if you would let us know if you intend to accept this PR or not.

rchekaluk avatar Oct 03 '22 23:10 rchekaluk