Allow users to change the default salt if they want, shouldn't be necessary

author: Santiago Pastorino <santiago@wyeworks.com> 2012-11-01 20:02:09 -0200
committer: Santiago Pastorino <santiago@wyeworks.com> 2012-11-03 14:57:54 -0200
commit: 47da5744741f0af668d2f915e09003be35dcce66 (patch)
tree: 5dcaf9cce5cc8af0f6b97ca34d779881ef508eed /actionpack/lib/action_controller
parent: 5d23925f84f0241e28b3fbce740150136ba08254 (diff)
download: rails-47da5744741f0af668d2f915e09003be35dcce66.tar.gz
rails-47da5744741f0af668d2f915e09003be35dcce66.tar.bz2
rails-47da5744741f0af668d2f915e09003be35dcce66.zip
1 files changed, 3 insertions, 2 deletions
diff --git a/actionpack/lib/action_controller/metal/http_authentication.rb b/actionpack/lib/action_controller/metal/http_authentication.rb
index 1537b8b806..d3b5bafee1 100644
--- a/actionpack/lib/action_controller/metal/http_authentication.rb
+++ b/actionpack/lib/action_controller/metal/http_authentication.rb
@@ -249,8 +249,9 @@ module ActionController
       end
 
       def secret_token(request)
-        key_generator = request.env["action_dispatch.key_generator"]
-        key_generator.generate_key('http authentication')
+        key_generator  = request.env["action_dispatch.key_generator"]
+        http_auth_salt = request.env["action_dispatch.http_auth_salt"]
+        key_generator.generate_key(http_auth_salt)
       end
 
       # Uses an MD5 digest based on time to generate a value to be used only once.
author	Santiago Pastorino <santiago@wyeworks.com>	2012-11-01 20:02:09 -0200
committer	Santiago Pastorino <santiago@wyeworks.com>	2012-11-03 14:57:54 -0200
commit	47da5744741f0af668d2f915e09003be35dcce66 (patch)
tree	5dcaf9cce5cc8af0f6b97ca34d779881ef508eed /actionpack/lib/action_controller
parent	5d23925f84f0241e28b3fbce740150136ba08254 (diff)
download	rails-47da5744741f0af668d2f915e09003be35dcce66.tar.gz rails-47da5744741f0af668d2f915e09003be35dcce66.tar.bz2 rails-47da5744741f0af668d2f915e09003be35dcce66.zip