This repository is private.
All pages are served over SSL and all pushing and pulling is done over SSH.
No one may fork, clone, or view it unless they are added as a member.
Every repository with this icon (
) is private.
Every repository with this icon (
) is private.
This repository is public.
Anyone may fork, clone, or view it.
Every repository with this icon () is public.
Every repository with this icon (
) is public.
QuestionsAndAnswers
Questions: Would it be possible to use a session variable for the key? (Or a request variable.)
I do not want to save the :key on the web sever or database at all, but, rather, have it only be memorized by the user and only sent when the user asks for the information. Is attr_encrypted a solution?
Answer
Yes, you can set the encryption key as a proc like so:
- your model
class User < ActiveRecord::Base
attr_accessor :key
attr_encrypted :credit_card, :key => proc { |user| user.key }
end
- your controller
def some_action
@user = User.find(params[:id])
@user.key = params[:key]
@user.credit_card # returns decrypted credit card number (if key is correct), - otherwise raises an exception about an invalid key
end
