method

validate_nonce

v6.1.7.7 - Show latest stable - Class: ActionController::HttpAuthentication::Digest

validate_nonce(secret_key, request, value, seconds_to_timeout = 5 * 60)

public

Might want a shorter timeout depending on whether the request is a PATCH, PUT, or POST, and if the client is a browser or web service. Can be much shorter if the Stale directive is implemented. This would allow a user to use new nonce without prompting the user again for their username and password.

# File actionpack/lib/action_controller/metal/http_authentication.rb, line 322
      def validate_nonce(secret_key, request, value, seconds_to_timeout = 5 * 60)
        return false if value.nil?
        t = ::Base64.decode64(value).split(":").first.to_i
        nonce(secret_key, t) == value && (t - Time.now.to_i).abs <= seconds_to_timeout
      end

validate_nonce

Related methods