From 3036475dbb5fe56e31814b312c70ebf8699a95b8 Mon Sep 17 00:00:00 2001 From: Kyle Tolle Date: Sun, 18 Aug 2013 19:42:42 -0600 Subject: [PATCH] Issue #52 - Move secret_key_base to env var Pull the actual value out of the code and reference it from a environment variable instead. Use a new value since the public one was insecure. Put the new value into an env var. Add the encrypted env var to the travis file. --- .travis.yml | 9 ++++++--- config/initializers/secret_token.rb | 3 +-- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/.travis.yml b/.travis.yml index ea35e1a..66c6562 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,6 +1,9 @@ language: ruby rvm: - - 2.0.0 +- 2.0.0 before_script: - - psql -c 'create database tinder_test;' -U postgres - - rake db:migrate +- psql -c 'create database tinder_test;' -U postgres +- rake db:migrate +env: + matrix: + secure: XCqK+WRk7e3sFdR0g3ogCzSYY+Z4Xlmn2TZwAdHjUWbD1Zdfx6c1RmrbqgA9vvQhe31QxPE4zO0eqXVFhV7UpjxeZnt07tHIINh9bstbzKoSzy1dcDqSZTCqlGoNPemYcjpPl9S34ZHYrSP3qXRB4LLCPK8Kt9EtfEPahKg1JPs= diff --git a/config/initializers/secret_token.rb b/config/initializers/secret_token.rb index 99d1634..2c300b5 100644 --- a/config/initializers/secret_token.rb +++ b/config/initializers/secret_token.rb @@ -4,5 +4,4 @@ # If you change this key, all old signed cookies will become invalid! # Make sure the secret is at least 30 characters and all random, # no regular words or you'll be exposed to dictionary attacks. -Tinder::Application.config.secret_token = 'fe31f85b3ebe2a20f1408b9056dc566d53b7ba4db0f5e1957e2da85728c90b591762299bfbf6ee1ad4e1d404f6f5c02ea7fbee895a47f2d12c3151b65bd14829' -Tinder::Application.config.secret_key_base = 'fe31f85b3ebe2a20f1408b9056dc566d53b7ba4db0f5e1957e2da85728c90b591762299bfbf6ee1ad4e1d404f6f5c02ea7fbee895a47f2d12c3151b65bd14829' +Tinder::Application.config.secret_key_base = ENV['SECRET_KEY_BASE']