Skip to content

Instantly share code, notes, and snippets.

@trivektor

trivektor/gist:5d3e0e2050ef935c34a0d9faac54330d

Forked from iant/gist:ff76ec354907d8835cbc
Created July 18, 2016 21:23
Show Gist options
  • Save trivektor/5d3e0e2050ef935c34a0d9faac54330d to your computer and use it in GitHub Desktop.
Save trivektor/5d3e0e2050ef935c34a0d9faac54330d to your computer and use it in GitHub Desktop.
Download ZIP
Decoding rails cookies from rails console
Raw
gistfile1.txt
# Run from 'rails console'
# Example cookie value. To find in Chrome: Inspect > Resources > Cookies
cookie = "cEJPOHAwUXdmMS9HK3gyVVYyNVR2QU03Q0ZhclZYNmRrN3RoelhrenQ3ZVhsSEtOTytQR29aZG1ZZWZmK254Y01QM2hyTVZMNlFOcWNCRytzM0pac0hpbFVWTUoxZEVicEZERXIzbEJENkJ4QVBZcDQyM24rclQxbnRFeXpkMVRicTdGMkVSU2F1U0FVcEdiYVBsRVFveThlMndPdDBlaThVVkl4TkFreUc0PS0tRFFmdlFzQnkrSmROT1ZNdnpjcnA4Zz09--3bf330ec809351525bd9df2c905a81a3bcc93c81"
# Example secret_key_base found in config/secrets.yml
secret_key_base = "df3def2698eb651febcb5ca64c3203a3cb3ff988e7ee5c4fd66135a24ddf5009ae0f95dee1e1d2e443538e647178f0cd87acc98d1082659bb03d89b8af1f2252"
key_generator = ActiveSupport::KeyGenerator.new(secret_key_base, iterations: 1000)
secret = key_generator.generate_key("encrypted cookie")
sign_secret = key_generator.generate_key("signed encrypted cookie")
encryptor = ActiveSupport::MessageEncryptor.new(secret, sign_secret, serializer: ActiveSupport::MessageEncryptor::NullSerializer)
puts encryptor.decrypt_and_verify(URI.unescape(cookie))
# Should output
# {"session_id":"0cbf92b20f9d7e75018b395ae245ace9","_csrf_token":"dW85TO7v0v5bmE/UAMcukjcfOTXeiU4S6pMJml39thw=","user_id":1}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment