Skip to content

Commit 70117b0

Browse files
committed
Introduce (in /Users/jeremy/rails/git/trunk) to output a crytographically secure secret key for use with cookie sessions.
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8400 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
1 parent 887870f commit 70117b0

File tree

3 files changed

+14
-1
lines changed

3 files changed

+14
-1
lines changed

actionpack/lib/action_controller/session/cookie_store.rb

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -34,6 +34,9 @@
3434
# defaults to 'SHA1' but may be any digest provided by OpenSSL,
3535
# such as 'MD5', 'RIPEMD160', 'SHA256', etc.
3636
#
37+
# To generate a secret key for an existing application, run
38+
# `rake generate:secret` and set the key in config/environment.rb
39+
#
3740
# Note that changing digest or secret invalidates all existing sessions!
3841
class CGI::Session::CookieStore
3942
# Cookies can typically store 4096 bytes.

railties/CHANGELOG

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,7 @@
11
*SVN*
22

3+
* Introduce `rake generate:secret` to output a crytographically secure secret key for use with cookie sessions. #xxxx [update from Trac]
4+
35
* Fixed that local database creation should consider 127.0.0.1 local #9026 [parcelbrat]
46

57
* Fixed that functional tests generated for scaffolds should use fixture calls instead of hard-coded IDs #10435 [boone]

railties/lib/tasks/misc.rake

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,12 @@
11
task :default => :test
22
task :environment do
33
require(File.join(RAILS_ROOT, 'config', 'environment'))
4-
end
4+
end
5+
6+
require 'rails_generator/secret_key_generator'
7+
namespace :generate do
8+
desc 'Generate a crytographically secure secret key. This is typically used to generate a secret for cookie sessions. Pass a unique identifier to the generator using ID="some unique identifier" for greater security.'
9+
task :secret do
10+
puts Rails::SecretKeyGenerator.new(ENV['ID']).generate_secret
11+
end
12+
end

0 commit comments

Comments
 (0)