Remove peppers

This is to enhance the security of the dpeloyed app, you'll want to un-comment these in your deployment. May I recommend my excellent seasoning gem for generating new peppers?
davelyon · Mar 7, 2011 · f86fdca · f86fdca
1 parent f794abb
commit f86fdca
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
@@ -46,7 +46,7 @@
   config.encryptor = :bcrypt
 
   # Setup a pepper to generate the encrypted password.
-  config.pepper = "f018b6ba8385ab76e814813c05d201137d4a54509d933197112b6bd7066a1ce7dfdf99a175920ce2117b00c783e1754f69cb44dd6c422a75c3f896558a61701a"
+  # config.pepper = "f018b6ba8385ab76e814813c05d201137d4a54509d933197112b6bd7066a1ce7dfdf99a175920ce2117b00c783e1754f69cb44dd6c422a75c3f896558a61701a"
 
   # ==> Configuration for :confirmable
   # The time you want to give your user to confirm his account. During this time

diff --git a/config/initializers/secret_token.rb b/config/initializers/secret_token.rb
@@ -4,4 +4,4 @@
 # If you change this key, all old signed cookies will become invalid!
 # Make sure the secret is at least 30 characters and all random,
 # no regular words or you'll be exposed to dictionary attacks.
-Funnies::Application.config.secret_token = '50226643472e5e615c49e3a56300875457b25b863cd7d4b0d9109bec2ce66f7f825cddab83941c027610c17c7ba1fd01ba154086eff9c1ff46624f415867ca0e'
+# Funnies::Application.config.secret_token = '50226643472e5e615c49e3a56300875457b25b863cd7d4b0d9109bec2ce66f7f825cddab83941c027610c17c7ba1fd01ba154086eff9c1ff46624f415867ca0e'