Skip to content
Permalink
Browse files
Introduce (in /Users/jeremy/rails/git/trunk) to output a crytographic…
…ally secure secret key for use with cookie sessions.

git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8400 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
  • Loading branch information
jeremy committed Dec 15, 2007
1 parent 887870f commit 70117b02949ccd724735aec8f4f19db4171e9e05
Showing with 14 additions and 1 deletion.
  1. +3 −0 actionpack/lib/action_controller/session/cookie_store.rb
  2. +2 −0 railties/CHANGELOG
  3. +9 −1 railties/lib/tasks/misc.rake
@@ -34,6 +34,9 @@
# defaults to 'SHA1' but may be any digest provided by OpenSSL,
# such as 'MD5', 'RIPEMD160', 'SHA256', etc.
#
# To generate a secret key for an existing application, run
# `rake generate:secret` and set the key in config/environment.rb
#
# Note that changing digest or secret invalidates all existing sessions!
class CGI::Session::CookieStore
# Cookies can typically store 4096 bytes.
@@ -1,5 +1,7 @@
*SVN*

* Introduce `rake generate:secret` to output a crytographically secure secret key for use with cookie sessions. #xxxx [update from Trac]

* Fixed that local database creation should consider 127.0.0.1 local #9026 [parcelbrat]

* Fixed that functional tests generated for scaffolds should use fixture calls instead of hard-coded IDs #10435 [boone]
@@ -1,4 +1,12 @@
task :default => :test
task :environment do
require(File.join(RAILS_ROOT, 'config', 'environment'))
end
end

require 'rails_generator/secret_key_generator'
namespace :generate do
desc 'Generate a crytographically secure secret key. This is typically used to generate a secret for cookie sessions. Pass a unique identifier to the generator using ID="some unique identifier" for greater security.'
task :secret do
puts Rails::SecretKeyGenerator.new(ENV['ID']).generate_secret
end
end

0 comments on commit 70117b0

Please sign in to comment.