rails secret token fix
3 changed files with 13 additions and 9 deletions
+ 1
- 1
.gitignore
@@ -18,7 +18,7 @@ rerun.txt |
||
| 18 | 18 |
pickle-email-*.html |
| 19 | 19 |
|
| 20 | 20 |
# TODO Comment out these rules if you are OK with secrets being uploaded to the repo |
| 21 |
-config/initializers/secret_token.rb |
|
| 21 |
+#config/initializers/secret_token.rb |
|
| 22 | 22 |
#config/secrets.yml |
| 23 | 23 |
|
| 24 | 24 |
## Environment normalisation: |
+ 12
- 0
config/initializers/secret_token.rb
@@ -0,0 +1,12 @@ |
||
| 1 |
+# Be sure to restart your server when you modify this file. |
|
| 2 |
+ |
|
| 3 |
+# Your secret key is used for verifying the integrity of signed cookies. |
|
| 4 |
+# If you change this key, all old signed cookies will become invalid! |
|
| 5 |
+ |
|
| 6 |
+# Make sure the secret is at least 30 characters and all random, |
|
| 7 |
+# no regular words or you'll be exposed to dictionary attacks. |
|
| 8 |
+# You can use `rake secret` to generate a secure secret key. |
|
| 9 |
+ |
|
| 10 |
+# Make sure your secret_key_base is kept private |
|
| 11 |
+# if you're sharing your code publicly. |
|
| 12 |
+RailsWebsiteTemplate::Application.config.secret_key_base = ENV["SECRET_KEY_BASE"] |
+ 0
- 8
config/secrets.yml
@@ -1,8 +0,0 @@ |
||
| 1 |
-development: |
|
| 2 |
- secret_key_base: |
|
| 3 |
- |
|
| 4 |
-test: |
|
| 5 |
- secret_key_base: |
|
| 6 |
- |
|
| 7 |
-production: |
|
| 8 |
- secret_key_base: <%= ENV["SECRET_KEY_BASE"] %> |