-rw-r--r--actionpack/lib/action_controller/session/cookie_store.rb3
-rw-r--r--railties/CHANGELOG2
-rw-r--r--railties/lib/tasks/misc.rake10
3 files changed, 14 insertions, 1 deletions
diff --git a/actionpack/lib/action_controller/session/cookie_store.rb b/actionpack/lib/action_controller/session/cookie_store.rb
index 0da092225a..e33a241e99 100644
--- a/actionpack/lib/action_controller/session/cookie_store.rb
+++ b/actionpack/lib/action_controller/session/cookie_store.rb
@@ -34,6 +34,9 @@ require 'openssl' # to generate the HMAC message digest
# defaults to 'SHA1' but may be any digest provided by OpenSSL,
# such as 'MD5', 'RIPEMD160', 'SHA256', etc.
#
+# To generate a secret key for an existing application, run
+# `rake generate:secret` and set the key in config/environment.rb
+#
# Note that changing digest or secret invalidates all existing sessions!
class CGI::Session::CookieStore
# Cookies can typically store 4096 bytes.
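Review bot: The added comment tells the reader to put the generated key in config/environment.rb but does not say that the key must stay private. The header of this hunk shows the store uses an HMAC digest, so anyone who learns the secret can produce cookies that pass the integrity check. I would add a line after the new one such as `# Keep the secret private (e.g. out of public repositories): it is the only thing that authenticates session cookies.` The class body continues outside the hunk, so how the secret is consumed is not visible here.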
diff --git a/railties/CHANGELOG b/railties/CHANGELOG
index 06f56d3928..36d03fe2db 100644
--- a/railties/CHANGELOG
+++ b/railties/CHANGELOG
@@ -1,5 +1,7 @@
*SVN*
+* Introduce `rake generate:secret` to output a crytographically secure secret key for use with cookie sessions. #xxxx [update from Trac]
+
* Fixed that local database creation should consider 127.0.0.1 local #9026 [parcelbrat]
* Fixed that functional tests generated for scaffolds should use fixture calls instead of hard-coded IDs #10435 [boone]
diff --git a/railties/lib/tasks/misc.rake b/railties/lib/tasks/misc.rake
index 02ba886061..d145db0934 100644
--- a/railties/lib/tasks/misc.rake
+++ b/railties/lib/tasks/misc.rake
@@ -1,4 +1,12 @@
task :default => :test
task :environment do
require(File.join(RAILS_ROOT, 'config', 'environment'))
-end \ No newline at end of file
+end
+
+require 'rails_generator/secret_key_generator'
+namespace :generate do
+ desc 'Generate a crytographically secure secret key. This is typically used to generate a secret for cookie sessions. Pass a unique identifier to the generator using ID="some unique identifier" for greater security.'
+ task :secret do
+ puts Rails::SecretKeyGenerator.new(ENV['ID']).generate_secret
+ end
+end
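Review bot: `ENV['ID']` is nil whenever the task is run without `ID=...`, and the value goes straight into `Rails::SecretKeyGenerator.new`. The generator is defined outside this diff, so please confirm it falls back to a secure random source for a nil identifier and never relies on the identifier for entropy. The desc string misspells "cryptographically", and that text is what `rake -T` prints. Because the task writes the secret to stdout with `puts`, the description could also say the output should not be captured in shared or CI logs. The top-level `require 'rails_generator/secret_key_generator'` runs on every rake invocation; moving it inside `task :secret do` would load it only when needed.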