rake task for generate secret_token

- adapt session secret rake task for rails3
- added secret_token.rb to .gitignore
pull/156/head
Christian Ratz 12 years ago
parent 8b25f10b90
commit d8c181b16e
  1. 2
      .gitignore
  2. 32
      lib/tasks/initializers.rake

2
.gitignore vendored

@ -20,7 +20,7 @@
/config/configuration.yml
/config/database.yml
/config/email.yml
#/config/initializers/session_store.rb
/config/initializers/secret_token.rb
/coverage
/db/*.db
/db/*.sqlite3

@ -14,35 +14,25 @@
desc 'Generates a configuration file for cookie store sessions.'
file 'config/initializers/session_store.rb' do
path = Rails.root.join('config/initializers/session_store.rb').to_s
secret = SecureRandom.hex(40)
file 'config/initializers/secret_token.rb' do
path = Rails.root.join('config/initializers/secret_token.rb').to_s
secret = SecureRandom.hex(128)
File.open(path, 'w') do |f|
f.write <<"EOF"
# This file was generated by 'rake config/initializers/session_store.rb',
# This file was generated by 'rake config/initializers/secret_token.rb',
# and should not be made visible to public.
# If you have a load-balancing Redmine cluster, you will need to use the
# If you have a load-balancing OpenProject cluster, you will need to use the
# same version of this file on each machine. And be sure to restart your
# server when you modify this file.
# Your secret key for verifying cookie session data integrity. If you
# change this key, all old sessions will become invalid! Make sure the
# secret is at least 30 characters and all random, no regular words or
# you'll be exposed to dictionary attacks.
ActionController::Base.session = {
:key => '_chiliproject_session',
#
# Uncomment and edit the :session_path below if are hosting your Redmine
# at a suburi and don't want the top level path to access the cookies
#
# See: http://www.redmine.org/issues/3968
#
# :session_path => '/url_path_to/your/redmine/',
:secret => '#{secret}'
}
# Your secret key for verifying the integrity of signed cookies.
# If you change this key, all old signed cookies will become invalid!
# Make sure the secret is at least 30 characters and all random,
# no regular words or you'll be exposed to dictionary attacks.
OpenProject::Application.config.secret_token = '#{secret}'
EOF
end
end
desc 'Generates a configuration file for cookie store sessions.'
task :generate_session_store => ['config/initializers/session_store.rb']
task :generate_secret_token => ['config/initializers/secret_token.rb']

Loading…
Cancel
Save