Class: InertiaRails::XsrfCookieRefreshPolicy

Inherits:
Object
  • Object
show all
Defined in:
lib/inertia_rails/xsrf_cookie_refresh_policy.rb

Overview

Decides whether the XSRF-TOKEN cookie rewrite can be skipped under the :lazy refresh policy.

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(controller) ⇒ XsrfCookieRefreshPolicy

Returns a new instance of XsrfCookieRefreshPolicy.



10
11
12
13
# File 'lib/inertia_rails/xsrf_cookie_refresh_policy.rb', line 10

def initialize(controller)
  @controller = controller
  @request = controller.request
end

Class Method Details

.skip?(controller) ⇒ Boolean

Returns:

  • (Boolean)


6
7
8
# File 'lib/inertia_rails/xsrf_cookie_refresh_policy.rb', line 6

def self.skip?(controller)
  new(controller).skip?
end

Instance Method Details

#skip?Boolean

Returns:

  • (Boolean)


15
16
17
18
19
20
21
22
23
24
25
# File 'lib/inertia_rails/xsrf_cookie_refresh_policy.rb', line 15

def skip?
  return false unless configuration.xsrf_cookie_refresh == :lazy
  return false unless @request.get? || @request.head?

  cookie = @request.cookies['XSRF-TOKEN']
  return false if cookie.blank?

  return true unless can_validate_without_loading_session?

  valid_for_session?(cookie)
end