Let's say a value was added as a signed cookie in a request:
cookies.signed[:discount] = 45
#=> Set-Cookie: discount=BAhpMg==--2c1c6906c90a3bc4fd54a51ffb41dffa4bf6b5f7; path=/Generally to verify and read that value, you'd grab it from the signed cookies included in the request.
cookies.signed[:discount]
#=> 45What if you have the signed cookie value, but not in the context of a cookies
object?
You can build a cookie jar from the current request and read the verified value from that.
cookie_value = 'BAhpMg==--2c1c6906c90a3bc4fd54a51ffb41dffa4bf6b5f7'
cookie_hash = { discount: cookie_value }
cookie_jar = ActionDispatch::Cookies::CookieJar.build(request, cookie_hash)
cookie_jar.signed[:discount]
#=> 45It is also possible to Base64 decode the value, however that doesn't ensure that the value hasn't been tampered with.