diff options
| author | Carlhuda <carlhuda@engineyard.com> | 2010-03-04 15:06:25 -0800 |
|---|---|---|
| committer | Carlhuda <carlhuda@engineyard.com> | 2010-03-04 16:05:52 -0800 |
| commit | e311622e7b20b3fdeab6a93418c8a45c6e7137b6 (patch) | |
| tree | a0b7ce433c1ce65da2bc5e9fdb9e8d70753537da /railties/lib/generators | |
| parent | 48bb3b3904806abaea7c62961559c03e689dd12f (diff) | |
| download | rails-e311622e7b20b3fdeab6a93418c8a45c6e7137b6.tar.gz rails-e311622e7b20b3fdeab6a93418c8a45c6e7137b6.tar.bz2 rails-e311622e7b20b3fdeab6a93418c8a45c6e7137b6.zip | |
Deprecated ActionController::Base.session_options= and ActionController::Base.session_store= in favor of a config.session_store method (which takes params) and a config.cookie_secret variable, which is used in various secret scenarios. The old AC::Base options will continue to work with deprecation warnings.
Diffstat (limited to 'railties/lib/generators')
2 files changed, 3 insertions, 8 deletions
diff --git a/railties/lib/generators/rails/app/templates/config/initializers/cookie_verification_secret.rb.tt b/railties/lib/generators/rails/app/templates/config/initializers/cookie_verification_secret.rb.tt index 451dbe1d1c..be627fbbcc 100644 --- a/railties/lib/generators/rails/app/templates/config/initializers/cookie_verification_secret.rb.tt +++ b/railties/lib/generators/rails/app/templates/config/initializers/cookie_verification_secret.rb.tt @@ -4,4 +4,4 @@ # If you change this key, all old signed cookies will become invalid! # Make sure the secret is at least 30 characters and all random, # no regular words or you'll be exposed to dictionary attacks. -ActionController::Base.cookie_verifier_secret = '<%= app_secret %>' +Rails.application.config.cookie_secret = '<%= app_secret %>' diff --git a/railties/lib/generators/rails/app/templates/config/initializers/session_store.rb.tt b/railties/lib/generators/rails/app/templates/config/initializers/session_store.rb.tt index 2f04ed8fb0..edd2273fb0 100644 --- a/railties/lib/generators/rails/app/templates/config/initializers/session_store.rb.tt +++ b/railties/lib/generators/rails/app/templates/config/initializers/session_store.rb.tt @@ -1,12 +1,7 @@ # Be sure to restart your server when you modify this file. -# Your secret key for verifying cookie session data integrity. -# If you change this key, all old sessions will become invalid! -# Make sure the secret is at least 30 characters and all random, -# no regular words or you'll be exposed to dictionary attacks. -Rails.application.config.action_dispatch.session = { - :key => '_<%= app_name %>_session', - :secret => '<%= app_secret %>' +Rails.application.config.session_store :cookie_store, { + :key => '_<%= app_name %>_session', } # Use the database for sessions instead of the cookie-based default, |