Permalink
Browse files

Add use of rotating secure key for session

  • Loading branch information...
rwdaigle committed Oct 10, 2012
1 parent 868f861 commit 621327810f4e73c5728d294ae828da1d31bdfea0
Showing with 5 additions and 1 deletion.
  1. +5 −1 config/initializers/secret_token.rb
@@ -4,4 +4,8 @@
# If you change this key, all old signed cookies will become invalid!
# Make sure the secret is at least 30 characters and all random,
# no regular words or you'll be exposed to dictionary attacks.
-Gisted::Application.config.secret_token = 'd2fc36f9a6de8e58fd820e72a2338affcd745548c5fa03045d1abdc13b37dee5165d3b02623c3147ceaead31688199650996c4404434e50b3f1cbce926c54b0a'
+Gisted::Application.config.secret_token = begin
+ ENV['SECUREKEY_BROWN_KEY'].split(",").first
+rescue
+ 'd2fc36f9a6de8e58fd820e72a2338affcd745548c5fa03045d1abdc13b37dee5165d3b02623c3147ceaead31688199650996'
+end

0 comments on commit 6213278

Please sign in to comment.