module ParamCryptable - rails-param_cryptable-0.1.1 Documentation

Public Class Methods

encrypt(text) click to toggle source

Encrypt any value for use by crypt_params

@param [Object] text The text to encrypt. This method calls `.to_s` on it. @return [String] The encrypted representation

# File lib/param_cryptable.rb, line 18
def self.encrypt(text)
  cipher = OpenSSL::Cipher.new('blowfish').encrypt
  cipher.key = Rails.application.credentials.param_cryptable_key

  s = cipher.update(text.to_s) + cipher.final
  s.unpack1('H*')
end

Public Instance Methods

crypt_param(param, tree = []) click to toggle source

Expect this param to be encrypted, if present, and attempt to decrypt it before accessing

@param [Symbol, Hash] param The parameter to expect to be crypted @param [Array] tree Internally used for recursion

# File lib/param_cryptable.rb, line 38
def crypt_param(param, tree = [])
  if param.is_a?(Hash)
    key, value = param.first
    crypt_param(value, tree + [key])
  else
    crypt_params << tree + [param]
  end
end

crypt_params() click to toggle source

attr_accessor really needs a default / initial value setting…

@return [Array] Crypt Params stored in class instance variable.

# File lib/param_cryptable.rb, line 30
def crypt_params
  @crypt_params ||= []
end

encrypt(text) click to toggle source

Encrypt any value for use by crypt_params

@param [Object] text The text to encrypt. This method calls `.to_s` on it. @return [String] The encrypted representation

# File lib/param_cryptable.rb, line 52
def encrypt(text)
  ParamCryptable.encrypt(text)
end

Private Instance Methods

decrypt(code) click to toggle source

# File lib/param_cryptable.rb, line 78
def decrypt(code)
  cipher = OpenSSL::Cipher.new('blowfish').decrypt
  cipher.key = Rails.application.credentials.param_cryptable_key
  s = [code].pack('H*').unpack('C*').pack('c*')

  cipher.update(s) + cipher.final
end

params() click to toggle source

Override for ActionController#params that decrypts all registered crypt_params if they are provided as strings in the request.

@return [ActionController::Parameters]

Calls superclass method

# File lib/param_cryptable.rb, line 62
def params
  @params ||= super.tap do |params|
    crypt_params.each do |crypt_param|
      local_params =
        if crypt_param.size > 1
          params.dig(*crypt_param[0..-2])
        else
          params
        end
      if local_params[crypt_param.last].is_a? String
        local_params[crypt_param.last] = decrypt(local_params[crypt_param.last])
      end
    end
  end
end