diff options
-rw-r--r-- | activesupport/CHANGELOG.md | 12 | ||||
-rw-r--r-- | guides/bug_report_templates/action_controller_gem.rb | 1 | ||||
-rw-r--r-- | guides/bug_report_templates/action_controller_master.rb | 1 | ||||
-rw-r--r-- | railties/lib/rails/application.rb | 6 | ||||
-rw-r--r-- | railties/test/application/configuration_test.rb | 26 |
5 files changed, 44 insertions, 2 deletions
diff --git a/activesupport/CHANGELOG.md b/activesupport/CHANGELOG.md index 493ebeb01f..c95f95d076 100644 --- a/activesupport/CHANGELOG.md +++ b/activesupport/CHANGELOG.md @@ -1,3 +1,15 @@ +* Deprecate `secrets.secret_token`. + + The architecture for secrets had a big upgrade between Rails 3 and Rails 4, + when the default changed from using `secret_token` to `secret_key_base`. + + `secret_token` has been soft deprecated in documentation for four years + but is still in place to support apps created before Rails 4. + Deprecation warnings have been added to help developers upgrade their + applications to `secret_key_base`. + + *claudiob*, *Kasper Timm Hansen* + * Return an instance of `HashWithIndifferentAccess` from `HashWithIndifferentAccess#transform_keys`. *Yuji Yaginuma* diff --git a/guides/bug_report_templates/action_controller_gem.rb b/guides/bug_report_templates/action_controller_gem.rb index 341724cdcd..557b1d7bef 100644 --- a/guides/bug_report_templates/action_controller_gem.rb +++ b/guides/bug_report_templates/action_controller_gem.rb @@ -22,7 +22,6 @@ require "action_controller/railtie" class TestApp < Rails::Application config.root = __dir__ config.session_store :cookie_store, key: "cookie_store_key" - secrets.secret_token = "secret_token" secrets.secret_key_base = "secret_key_base" config.logger = Logger.new($stdout) diff --git a/guides/bug_report_templates/action_controller_master.rb b/guides/bug_report_templates/action_controller_master.rb index 558d9bf3e2..cf76de80d2 100644 --- a/guides/bug_report_templates/action_controller_master.rb +++ b/guides/bug_report_templates/action_controller_master.rb @@ -20,7 +20,6 @@ require "action_controller/railtie" class TestApp < Rails::Application config.root = __dir__ - secrets.secret_token = "secret_token" secrets.secret_key_base = "secret_key_base" config.logger = Logger.new($stdout) diff --git a/railties/lib/rails/application.rb b/railties/lib/rails/application.rb index 24f5eeae87..4fd20185b1 100644 --- a/railties/lib/rails/application.rb +++ b/railties/lib/rails/application.rb @@ -6,6 +6,7 @@ require "active_support/core_ext/object/blank" require "active_support/key_generator" require "active_support/message_verifier" require "active_support/encrypted_configuration" +require "active_support/deprecation" require_relative "engine" require_relative "secrets" @@ -398,6 +399,11 @@ module Rails # Fallback to config.secret_token if secrets.secret_token isn't set secrets.secret_token ||= config.secret_token + if secrets.secret_token.present? + ActiveSupport::Deprecation.warn \ + "`secrets.secret_token` is deprecated in favor of `secret_key_base` and will be removed in Rails 6.0." + end + secrets end end diff --git a/railties/test/application/configuration_test.rb b/railties/test/application/configuration_test.rb index c1a80eaeaf..bb8cc0876c 100644 --- a/railties/test/application/configuration_test.rb +++ b/railties/test/application/configuration_test.rb @@ -487,6 +487,32 @@ module ApplicationTests assert_equal "some_value", Rails.application.message_verifier(:sensitive_value).verify(message) end + test "config.secret_token is deprecated" do + app_file "config/initializers/secret_token.rb", <<-RUBY + Rails.application.config.secret_token = "b3c631c314c0bbca50c1b2843150fe33" + RUBY + + app "production" + + assert_deprecated(/secret_token/) do + app.secrets + end + end + + test "secrets.secret_token is deprecated" do + app_file "config/secrets.yml", <<-YAML + production: + secret_token: "b3c631c314c0bbca50c1b2843150fe33" + YAML + + app "production" + + assert_deprecated(/secret_token/) do + app.secrets + end + end + + test "raises when secret_key_base is blank" do app_file "config/initializers/secret_token.rb", <<-RUBY Rails.application.credentials.secret_key_base = nil |