Class: SimpleTokenAuthentication::TokenComparator

Inherits:

Object

Object
SimpleTokenAuthentication::TokenComparator

show all

Defined in:: lib/simple_token_authentication/token_comparator.rb

Instance Method Summary collapse

#compare(a, b) ⇒ Object

Compare two String instances.

Instance Method Details

permalink #compare(a, b) ⇒ `Object`

Compare two String instances

Important: this method is cryptographically critical and must be implemented with care when defining new token comparators.

Returns true if String instances do match, false otherwise

# File 'lib/simple_token_authentication/token_comparator.rb', line 12

def compare(a, b)
  # Notice how we use Devise.secure_compare to compare tokens
  # while mitigating timing attacks.
  # See http://rubydoc.info/github/plataformatec/\
  #            devise/master/Devise#secure_compare-class_method
  Devise.secure_compare(a, b)
end