Use setting from site.yml instead of hardcoded secret token

Fall back to a randomly generated token, which is fine for development and test mode. (Sessions will be invalidated when the server reboots.)

Thanks @brynary
Reinier Balt 2013-05-07 09:21:22 +02:00
parent 858e197c51
commit 7ec39aa4d1
2 changed files with 30 additions and 17 deletions

@ -4,4 +4,4 @@
# If you change this key, all old signed cookies will become invalid!
# Make sure the secret is at least 30 characters and all random,
# no regular words or you'll be exposed to dictionary attacks.
Tracksapp::Application.config.secret_token = '978c88b98f3b7885b2e88a831545bd3c5d80d0f528b32096dafa7dc9010b2180e2391c059c5347a244709a2257e3d13f0841fbdc56e8052af3c3396916b5805b'
Tracksapp::Application.config.secret_token = SITE_CONFIG["secret_token"] || SecureRandom.hex(64)
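
Review bot: The `|| SecureRandom.hex(64)` fallback on the new `secret_token` line is not limited to development and test, so a production deployment whose config lacks `secret_token` boots silently with a random secret; sessions are then dropped on every restart, and the secret can differ between separately booted server processes. Consider raising at boot when the key is missing and `Rails.env.production?` is true, and keeping the random fallback for the other environments only. An empty string is truthy in Ruby, so a `secret_token` set to `""` in the config would bypass the fallback and be used as the secret; calling `.presence` on the value, or checking its length against the 30 characters the comment above asks for, would catch that. The removed hardcoded token stays in the repository history, so existing installations should configure a fresh value rather than copy the old one.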