Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

add rails generator url_store:initializer that generates configuratio…

…n file with random secret. updated readme to reflect the changes.
  • Loading branch information...
commit 57f2ffa9c4c5641c41cd8c3204d4598f7aaec9e6 1 parent ddc6a76
@priithaamer priithaamer authored
View
36 Readme.md
@@ -13,21 +13,38 @@ Great for:
- access control
- ...
-
Install
=======
- - As gem: ` sudo gem install url_store `
- - As Rails plugin: ` rails plugin install git://github.com/grosser/url_store.git `
+
+When using Rails 3, include it in your Gemfile:
+
+ gem 'url_store'
+
+When using Rails 2 or no rails at all:
+
+ sudo gem install url_store
+
+Or as Rails plugin:
+
+ rails plugin install git://github.com/grosser/url_store.git
Usage
=====
- # config (e.g environment.rb)
+
+When on Rails, create config/initializers/url_store.rb using generator. A random secret will be generated for you:
+
+ rails generate url_store:initializer
+
+Or configure it by hand (e.g in environment.rb):
+
UrlStore.defaults = {:secret => 'adadasd2adsdasd4ads4eas4dea4dsea4sd'}
- # View:
- <%= link_to 'paid', :controller=>:payments, :action=>:paid, :data=>UrlStore.encode(:id=>1, :status=>'paid') %>
+In Rails views:
+
+ <%= link_to 'paid', :controller =>:payments, :action=>:paid, :data=>UrlStore.encode(:id=>1, :status=>'paid') %>
+
+In controllers:
- # Controller:
if data = UrlStore.decode(params[:data])
Payment.find(data[:id]).update_attribute(:status, data[:status])
else
@@ -35,18 +52,21 @@ Usage
end
### Defaults
+
UrlStore.defaults = {:secret => 'something random'} # ALWAYS use your own secret
UrlStore.defaults = {... , :hasher => 'MD5'} # default: 'SHA1'
UrlStore.defaults = {... , :serializer => :yaml} # default: :marshal
### Tips
+
- If you need multiple UrlStores, just use ` UrlStore.new(:secret => 'sadasd', ...) `
- As long as you stay under 2k chars there should be no problems. [max url lengths per browser/server](http://www.boutell.com/newfaq/misc/urllength.html)
- Data is not (yet) encrypted, users could read(but not change) the encoded data
- Replay attacks are possible <-> add a timestamp to check the freshness of the encoded data
Author
-=======
+======
+
[Michael Grosser](http://grosser.it)<br/>
michael@grosser.it<br/>
Hereby placed under public domain, do what you want, just do not hold me accountable...
View
2  lib/url_store.rb
@@ -1,5 +1,7 @@
require 'url_store/compact_encoder'
+require 'url_store/railtie' if defined?(::Rails) && ::Rails::VERSION::MAJOR >= 3
+
class UrlStore
VERSION = File.read( File.join(File.dirname(__FILE__),'..','VERSION') ).strip
SECRET = 'asdkasjlwqjdqaccxnjkasdfh2313'
View
12 lib/url_store/generators/initializer.rb
@@ -0,0 +1,12 @@
+require 'rails/generators'
+
+class UrlStore::InitializerGenerator < Rails::Generators::Base
+
+ def self.source_root
+ @source_root ||= File.join(File.dirname(__FILE__), 'templates')
+ end
+
+ def create_initializer_file
+ template 'initializer.erb', 'config/initializers/url_store.rb'
+ end
+end
View
1  lib/url_store/generators/templates/initializer.erb
@@ -0,0 +1 @@
+UrlStore.defaults = {:secret => '<%= ActiveSupport::SecureRandom.hex(16) %>'}
View
6 lib/url_store/railtie.rb
@@ -0,0 +1,6 @@
+class UrlStore::Railtie < ::Rails::Railtie
+
+ generators do
+ require 'url_store/generators/initializer'
+ end
+end
Please sign in to comment.
Something went wrong with that request. Please try again.