I've got a question about how Rails handles cookie encryption/decryption.
I've got this in my config/environment.rb
config.action_controller.sess
If you pull the session.data field straight from the session data stored in your app's database (if you are using active_record_store in your environment.rb file)
config.action_controller.session_store = :active_record_store
... here is how you decode it and return the hash:
Marshal.load(ActiveSupport::Base64.decode64(@session.data))
... or in Rails >= 3.2 (thanks Chuck Vose)
Marshal.load(Base64.decode64(@session.data))
It is not encrypted at all.
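Added example, not part of the original answer: a round trip of the Base64-plus-Marshal encoding described above, showing that the stored value can be read without any key. The session contents are constructed sample data, and the helper names (`encode_session`, `decode_session`, `visible_strings`) are hypothetical.

```ruby
require "base64"

# Constructed sample session hash (not taken from the original post).
SAMPLE_SESSION = { "user_id" => 42, "flash" => { "notice" => "Signed in" } }

# Inverse of the decode shown in the answer: Marshal, then Base64.
# No secret or key takes part in either direction.
def encode_session(hash)
  Base64.encode64(Marshal.dump(hash))
end

# Decode a value from the sessions table. The Marshal header (two version
# bytes) is checked first so a truncated or non-Marshal value fails clearly.
def decode_session(data)
  raw = Base64.decode64(data)
  major, minor = raw.unpack("CC")
  unless major == Marshal::MAJOR_VERSION && minor.to_i <= Marshal::MINOR_VERSION
    raise ArgumentError, "value is not a Marshal dump readable by this Ruby"
  end
  Marshal.load(raw)
end

# Printable runs in the decoded bytes, found without deserializing anything.
# Keys and string values show up in the clear, which is what
# "not encrypted at all" means in practice.
def visible_strings(data)
  Base64.decode64(data).scan(/[[:print:]]{4,}/)
end

if __FILE__ == $PROGRAM_NAME
  stored = encode_session(SAMPLE_SESSION)
  puts "stored column value: #{stored}"
  puts "decoded hash:        #{decode_session(stored).inspect}"
  puts "readable strings:    #{visible_strings(stored).inspect}"
end
```

`Marshal.load` can instantiate arbitrary objects, so use `decode_session` only on rows from your own database; `visible_strings` is enough to confirm what a reader of the table can see.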