From eb76db93e469290b721d0ed766424091a036baba Mon Sep 17 00:00:00 2001 From: Cesy Avon Date: Mon, 16 Feb 2015 13:34:37 +0000 Subject: [PATCH 1/3] Switching to new secrets format as per http://guides.rubyonrails.org/upgrading_ruby_on_rails.html#config-secrets-yml --- config/initializers/secret_token.rb | 7 ------- config/secrets.yml | 17 +++++++++++++++++ 2 files changed, 17 insertions(+), 7 deletions(-) delete mode 100644 config/initializers/secret_token.rb create mode 100644 config/secrets.yml diff --git a/config/initializers/secret_token.rb b/config/initializers/secret_token.rb deleted file mode 100644 index 8ebcc27d30..0000000000 --- a/config/initializers/secret_token.rb +++ /dev/null @@ -1,7 +0,0 @@ -# Be sure to restart your server when you modify this file. - -# Your secret key for verifying the integrity of signed cookies. -# If you change this key, all old signed cookies will become invalid! -# Make sure the secret is at least 30 characters and all random, -# no regular words or you'll be exposed to dictionary attacks. -Growstuff::Application.config.secret_token = ENV['RAILS_SECRET_TOKEN'] || "this is not a real secret token but it's here to make life easier for developers" diff --git a/config/secrets.yml b/config/secrets.yml new file mode 100644 index 0000000000..1abbd84c78 --- /dev/null +++ b/config/secrets.yml @@ -0,0 +1,17 @@ +# Be sure to restart your server when you modify this file. + +# Your secret key for verifying the integrity of signed cookies. +# If you change this key, all old signed cookies will become invalid! +# Make sure the secret is at least 30 characters and all random, +# no regular words or you'll be exposed to dictionary attacks. + +development: + secret_key_base: 'b1b67abb399261478f4721e704eb3851466daf60d9cd2b53a1839b056d641c4c1c2a476bcaf7addc6d6548926cfd32fa5a00a8de258880257ebb5a6fd86cb08f' + # run 'rake secret' to generate your own + +test: + secret_key_base: 'be557aa019b181f201c9906663dbf8f22efb1b70b11f78035bfeda86aa7dcfd1efb184e2ee894a0ae0dc37fe67d311f38e7731fa16d8d595f2e1ef5447bae020' + # run 'rake secret' to generate your own + +production: + secret_key_base: <%= ENV["SECRET_KEY_BASE"] %> \ No newline at end of file From 9b195d1d2ef9724d44a1025598c5b8821f75b7d8 Mon Sep 17 00:00:00 2001 From: Cesy Avon Date: Mon, 16 Feb 2015 13:42:57 +0000 Subject: [PATCH 2/3] Fixing line break --- config/secrets.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/secrets.yml b/config/secrets.yml index 1abbd84c78..c522ed9258 100644 --- a/config/secrets.yml +++ b/config/secrets.yml @@ -14,4 +14,4 @@ test: # run 'rake secret' to generate your own production: - secret_key_base: <%= ENV["SECRET_KEY_BASE"] %> \ No newline at end of file + secret_key_base: <%= ENV["SECRET_KEY_BASE"] %> From 2740b5e47b3c638de3a9f32179b8730ddb08148e Mon Sep 17 00:00:00 2001 From: Cesy Avon Date: Mon, 23 Feb 2015 13:37:43 +0000 Subject: [PATCH 3/3] Correcting the environment variable name for secret token so Heroku is not impacted --- config/secrets.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/secrets.yml b/config/secrets.yml index c522ed9258..4fc7f3b378 100644 --- a/config/secrets.yml +++ b/config/secrets.yml @@ -14,4 +14,4 @@ test: # run 'rake secret' to generate your own production: - secret_key_base: <%= ENV["SECRET_KEY_BASE"] %> + secret_key_base: <%= ENV["RAILS_SECRET_TOKEN"] %>