Skip to content

/ devise

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for Rails 4.1 secrets. #2835

Merged
merged 1 commit into from Jan 22, 2014
Merged

Add support for Rails 4.1 secrets. #2835

merged 1 commit into from Jan 22, 2014

Conversation

@lucasmazza
Copy link
Contributor

@lucasmazza lucasmazza commented Jan 13, 2014

This is a first spike for that @josevalim proposed on #2821. Upgrade existing apps will be simple - developers just need to move their keys to the secrets.yml - but on fresh apps its required to add the secret_key key manually. We could still generate a token inside the initializer as a fallback (so the app can boot without this step) or figure out an automatic way of placing the token on the application configuration.
@josevalim
Copy link
Contributor

@josevalim josevalim commented Jan 14, 2014

Nice! A couple things:

  1. Pepper exists only for backwards compatibility, I would not include it
  2. We can re-use the app secret from Rails by default since from Rails 4.1 we derive secrets from the same key

So I guess we can read Rails secret by default and leave config.secret_key for people that come from previous Rails versions where they have a different secret than the rails one (and if they want, they can store their devise secret it in config/secrets.yml themselves).

What do you think?
@lucasmazza
Read the `secret_key` value from Rails `secret_key_base`.
Loading status checks…
eba91e6 
It is possible to override this by setting the `secret_key` manually
on the `devise.rb` initializer on your application.
@lucasmazza
Copy link
Contributor Author

@lucasmazza lucasmazza commented Jan 22, 2014

@josevalim just updated the PR with the new approach: the secret_key_base will be reused on 4+ apps as our secret_key.
@josevalim
Copy link
Contributor

@josevalim josevalim commented Jan 22, 2014

❤️ 💚 💙 💛 💜
@josevalim
Copy link
Contributor

@josevalim josevalim commented Jan 22, 2014

:shipit:
josevalim added a commit that referenced this pull request Jan 22, 2014
@josevalim
Merge pull request #2835 from plataformatec/secrets
Loading status checks…
7a9ae13 
Add support for Rails 4.1 secrets.
@josevalim josevalim merged commit 7a9ae13 into master Jan 22, 2014
1 check was pending
1 check was pending
default The Travis CI build is in progress
Details
@josevalim josevalim deleted the secrets branch Jan 22, 2014
@lucasmazza lucasmazza mentioned this pull request Jan 22, 2014
Closed
@arthurnn
Copy link

@arthurnn arthurnn commented Jan 3, 2015

❤️
@arthurnn arthurnn mentioned this pull request Jan 3, 2015
Merged
@redbar0n

This comment has been minimized.

Sign in to view
Copy link
Contributor

@redbar0n redbar0n commented on eba91e6 Feb 5, 2015

With the if-condition in devise.rb I got this error:

/.rvm/gems/ruby-2.0.0-p247/gems/activesupport-3.2.13/lib/active_support/dependencies.rb:245:in `load': /Users/Magne/Workspace/bloggery/config/initializers/devise.rb:9: syntax error, unexpected '<' (SyntaxError)
<% if rails_4? -%>
^
/projectname/config/initializers/devise.rb:9: syntax error, unexpected tFID, expecting keyword_end
<% if rails_4? -%>
^

So it doesn't seem to be as backwards compatible as intended.

I fixed it and submitted this pull request: #3451
@md5 md5 mentioned this pull request Apr 18, 2017
Merged
md5 added a commit to appropriate/ohana-api-la that referenced this pull request Apr 21, 2017
@md5
Update setup_heroku script
Loading status checks…
ae47886 
1. Stop provisioning DEVISE_SECRET_KEY since a separate setting for Devise is not needed with modern versions of Devise and Rails 4+ (cf. heartcombo/devise#2835). The devise.rb initializer has been updated to allow the application to start without ENV['DEVISE_SECRET_KEY'], in which case Devise will use Rails.application.config.secret_key_base (controlled by ENV['SECRET_TOKEN'])
2. Allow the script to be run idempotently
3. Check if a Heroku add-on is installed before calling "heroku addons:create"
4. Check if SECRET_TOKEN is set before generating one
5. Use "rake secret" instead of Python for UUID generation, since this is a Rails project
6. Add quotaguard:starter addon (cf. codeforamerica/ohana-api#415)
monfresh added a commit to codeforamerica/ohana-api that referenced this pull request Apr 27, 2017
@md5 @monfresh
Update setup_heroku script
Loading status checks…
fbdd805 
1. Stop provisioning DEVISE_SECRET_KEY since a separate setting for Devise is not needed with modern versions of Devise and Rails 4+ (cf. heartcombo/devise#2835). The devise.rb initializer has been updated to allow the application to start without ENV['DEVISE_SECRET_KEY'], in which case Devise will use Rails.application.config.secret_key_base (controlled by ENV['SECRET_TOKEN'])
2. Allow the script to be run idempotently
3. Check if a Heroku add-on is installed before calling "heroku addons:create"
4. Check if SECRET_TOKEN is set before generating one
5. Use "rake secret" instead of Python for UUID generation, since this is a Rails project
6. Add quotaguard:starter addon (cf. #415)
@JordanLyons JordanLyons mentioned this pull request May 1, 2017
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Linked issues

Successfully merging this pull request may close these issues.

None yet

4 participants
@lucasmazza @josevalim @arthurnn @redbar0n
You can’t perform that action at this time.