diff options
| author | Trevor Turk <trevorturk@gmail.com> | 2013-03-28 14:35:48 -0500 |
|---|---|---|
| committer | Trevor Turk <trevorturk@gmail.com> | 2013-03-28 14:38:36 -0500 |
| commit | 274a3aa64cb903c52a41d1767cac0bc3eae44172 (patch) | |
| tree | e89b091c44285182ff8d66725018f1b46100a88a /railties/lib | |
| parent | 69c6513616bf92d5d73867a201bf92dc39ec4a07 (diff) | |
| download | rails-274a3aa64cb903c52a41d1767cac0bc3eae44172.tar.gz rails-274a3aa64cb903c52a41d1767cac0bc3eae44172.tar.bz2 rails-274a3aa64cb903c52a41d1767cac0bc3eae44172.zip | |
Allow transparent upgrading of legacy signed cookies to encrypted cookies; Automatically configure cookie-based sessions to use the best cookie jar given the app's config
Diffstat (limited to 'railties/lib')
| -rw-r--r-- | railties/lib/rails/application.rb | 13 | ||||
| -rw-r--r-- | railties/lib/rails/generators/rails/app/templates/config/initializers/session_store.rb.tt | 2 |
2 files changed, 8 insertions, 7 deletions
diff --git a/railties/lib/rails/application.rb b/railties/lib/rails/application.rb index 563905e8b3..455ceed5f8 100644 --- a/railties/lib/rails/application.rb +++ b/railties/lib/rails/application.rb @@ -1,4 +1,5 @@ require 'fileutils' +require 'active_support/core_ext/object/blank' # FIXME remove DummyKeyGenerator and this require in 4.1 require 'active_support/key_generator' require 'rails/engine' @@ -122,7 +123,8 @@ module Rails # # * "action_dispatch.parameter_filter" => config.filter_parameters # * "action_dispatch.redirect_filter" => config.filter_redirect - # * "action_dispatch.secret_token" => config.secret_token, + # * "action_dispatch.secret_token" => config.secret_token + # * "action_dispatch.secret_key_base" => config.secret_key_base # * "action_dispatch.show_exceptions" => config.action_dispatch.show_exceptions # * "action_dispatch.show_detailed_exceptions" => config.consider_all_requests_local # * "action_dispatch.logger" => Rails.logger @@ -135,13 +137,12 @@ module Rails # def env_config @app_env_config ||= begin - if config.secret_key_base.nil? - ActiveSupport::Deprecation.warn "You didn't set config.secret_key_base in config/initializers/secret_token.rb file. " + - "This should be used instead of the old deprecated config.secret_token in order to use the new EncryptedCookieStore. " + - "To convert safely to the encrypted store (without losing existing cookies and sessions), see http://guides.rubyonrails.org/upgrading_ruby_on_rails.html#action-pack" + if config.secret_key_base.blank? + ActiveSupport::Deprecation.warn "You didn't set config.secret_key_base. " + + "Read the upgrade documentation to learn more about this new config option." if config.secret_token.blank? - raise "You must set config.secret_key_base in your app's config" + raise "You must set config.secret_key_base in your app's config." end end diff --git a/railties/lib/rails/generators/rails/app/templates/config/initializers/session_store.rb.tt b/railties/lib/rails/generators/rails/app/templates/config/initializers/session_store.rb.tt index df07de9922..4a099a4ce2 100644 --- a/railties/lib/rails/generators/rails/app/templates/config/initializers/session_store.rb.tt +++ b/railties/lib/rails/generators/rails/app/templates/config/initializers/session_store.rb.tt @@ -1,3 +1,3 @@ # Be sure to restart your server when you modify this file. -<%= app_const %>.config.session_store :encrypted_cookie_store, key: <%= "'_#{app_name}_session'" %> +<%= app_const %>.config.session_store :cookie_store, key: <%= "'_#{app_name}_session'" %> |