Permalink
Browse files

Remove peppers

This is to enhance the security of the dpeloyed app, you'll want to
un-comment these in your deployment.

May I recommend my excellent seasoning gem for generating new peppers?
  • Loading branch information...
1 parent f794abb commit f86fdcaa6b9fd6064a1182113ca973dcc2feb137 @martinisoft martinisoft committed Mar 7, 2011
Showing with 2 additions and 2 deletions.
  1. +1 −1 config/initializers/devise.rb
  2. +1 −1 config/initializers/secret_token.rb
View
2 config/initializers/devise.rb
@@ -46,7 +46,7 @@
config.encryptor = :bcrypt
# Setup a pepper to generate the encrypted password.
- config.pepper = "f018b6ba8385ab76e814813c05d201137d4a54509d933197112b6bd7066a1ce7dfdf99a175920ce2117b00c783e1754f69cb44dd6c422a75c3f896558a61701a"
+ # config.pepper = "f018b6ba8385ab76e814813c05d201137d4a54509d933197112b6bd7066a1ce7dfdf99a175920ce2117b00c783e1754f69cb44dd6c422a75c3f896558a61701a"
# ==> Configuration for :confirmable
# The time you want to give your user to confirm his account. During this time
View
2 config/initializers/secret_token.rb
@@ -4,4 +4,4 @@
# If you change this key, all old signed cookies will become invalid!
# Make sure the secret is at least 30 characters and all random,
# no regular words or you'll be exposed to dictionary attacks.
-Funnies::Application.config.secret_token = '50226643472e5e615c49e3a56300875457b25b863cd7d4b0d9109bec2ce66f7f825cddab83941c027610c17c7ba1fd01ba154086eff9c1ff46624f415867ca0e'
+# Funnies::Application.config.secret_token = '50226643472e5e615c49e3a56300875457b25b863cd7d4b0d9109bec2ce66f7f825cddab83941c027610c17c7ba1fd01ba154086eff9c1ff46624f415867ca0e'

0 comments on commit f86fdca

Please sign in to comment.