diff options
author | Benjamin Fleischer <github@benjaminfleischer.com> | 2014-10-27 12:04:37 -0500 |
---|---|---|
committer | Benjamin Fleischer <github@benjaminfleischer.com> | 2014-11-02 21:21:09 -0600 |
commit | db5f1a46f26ed2b8359d3dde3398dd1a8ca443d4 (patch) | |
tree | bd28f394bf7a6d2e093fdb4b94193de54ac6ac99 /railties/test/application/middleware | |
parent | 1d6d0cc2455f65454f7cb8f938204cddf6380e24 (diff) | |
download | rails-db5f1a46f26ed2b8359d3dde3398dd1a8ca443d4.tar.gz rails-db5f1a46f26ed2b8359d3dde3398dd1a8ca443d4.tar.bz2 rails-db5f1a46f26ed2b8359d3dde3398dd1a8ca443d4.zip |
`secret_token` is now saved in `Rails.application.secrets.secret_token`
- `secrets.secret_token` is now used in all places `config.secret_token` was
- `secrets.secret_token`, when not present in `config/secrets.yml`,
now falls back to the value of `config.secret_token`
- when `secrets.secret_token` is set, it over-writes
`config.secret_token` so they are the same (for backwards-compatibility)
- Update docs to reference app.secrets in all places
- Remove references to `config.secret_token`, `config.secret_key_base`
- Warn that missing secret_key_base is deprecated
- Add tests for secret_token, key_generator, and message_verifier
- the legacy key generator is used with the message verifier when
secrets.secret_key_base is blank and secret_token is set
- app.key_generator raises when neither secrets.secret_key_base nor
secret_token are set
- app.env_config raises when neither secrets.secret_key_base nor
secret_token are set
- Add changelog
Run focused tests via
ruby -w -Itest test/application/configuration_test.rb -n '/secret_|key_/'
Diffstat (limited to 'railties/test/application/middleware')
-rw-r--r-- | railties/test/application/middleware/session_test.rb | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/railties/test/application/middleware/session_test.rb b/railties/test/application/middleware/session_test.rb index 31a64c2f5a..eb7885e5b1 100644 --- a/railties/test/application/middleware/session_test.rb +++ b/railties/test/application/middleware/session_test.rb @@ -203,7 +203,7 @@ module ApplicationTests RUBY add_to_config <<-RUBY - config.secret_token = "3b7cd727ee24e8444053437c36cc66c4" + secrets.secret_token = "3b7cd727ee24e8444053437c36cc66c4" RUBY require "#{app_path}/config/environment" @@ -258,7 +258,7 @@ module ApplicationTests RUBY add_to_config <<-RUBY - config.secret_token = "3b7cd727ee24e8444053437c36cc66c4" + secrets.secret_token = "3b7cd727ee24e8444053437c36cc66c4" RUBY require "#{app_path}/config/environment" @@ -317,7 +317,7 @@ module ApplicationTests RUBY add_to_config <<-RUBY - config.secret_token = "3b7cd727ee24e8444053437c36cc66c4" + secrets.secret_token = "3b7cd727ee24e8444053437c36cc66c4" secrets.secret_key_base = nil RUBY @@ -334,7 +334,7 @@ module ApplicationTests get '/foo/read_signed_cookie' assert_equal '2', last_response.body - verifier = ActiveSupport::MessageVerifier.new(app.config.secret_token) + verifier = ActiveSupport::MessageVerifier.new(app.secrets.secret_token) get '/foo/read_raw_cookie' assert_equal 2, verifier.verify(last_response.body)['foo'] |