method

valid_message?

v5.2.3 - Show latest stable - Class: ActiveSupport::MessageVerifier

valid_message?(signed_message)

public

Checks if a signed message could have been generated by signing an object with the MessageVerifier's secret.

verifier = ActiveSupport::MessageVerifier.new 's3Krit'
signed_message = verifier.generate 'a private message'
verifier.valid_message?(signed_message) # => true

tampered_message = signed_message.chop # editing the message invalidates the signature
verifier.valid_message?(tampered_message) # => false

# File activesupport/lib/active_support/message_verifier.rb, line 122
    def valid_message?(signed_message)
      return if signed_message.nil? || !signed_message.valid_encoding? || signed_message.blank?

      data, digest = signed_message.split("--".freeze)
      data.present? && digest.present? && ActiveSupport::SecurityUtils.secure_compare(digest, generate_digest(data))
    end

valid_message?

Related methods