aboutsummaryrefslogtreecommitdiffstats
path: root/railties/lib/rails/application.rb
Commit message (Collapse)AuthorAgeFilesLines
* No need to sync config.secret_token and secrets.secret_tokenRafael Mendonça França2014-11-101-7/+2
| | | | Just prefer secrets over config
* Merge pull request #16535 from bf4/patch-1Rafael Mendonça França2014-11-101-4/+16
|\ | | | | | | Allow fallback to LegacyKeyGenerator when secret_key_base is not set but secrets.secret_token is
| * `secret_token` is now saved in `Rails.application.secrets.secret_token`Benjamin Fleischer2014-11-021-4/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - `secrets.secret_token` is now used in all places `config.secret_token` was - `secrets.secret_token`, when not present in `config/secrets.yml`, now falls back to the value of `config.secret_token` - when `secrets.secret_token` is set, it over-writes `config.secret_token` so they are the same (for backwards-compatibility) - Update docs to reference app.secrets in all places - Remove references to `config.secret_token`, `config.secret_key_base` - Warn that missing secret_key_base is deprecated - Add tests for secret_token, key_generator, and message_verifier - the legacy key generator is used with the message verifier when secrets.secret_key_base is blank and secret_token is set - app.key_generator raises when neither secrets.secret_key_base nor secret_token are set - app.env_config raises when neither secrets.secret_key_base nor secret_token are set - Add changelog Run focused tests via ruby -w -Itest test/application/configuration_test.rb -n '/secret_|key_/'
* | add lib to $LOAD_PATH on application inhertence. fixes #17106Aaron Patterson2014-11-041-5/+8
|/
* Standardize on `Rails.application` [ci skip]Tamir Duberstein2014-09-191-1/+1
| | | | This seems to be the style settled on in most of the templates.
* Dont mess with default order engines loadWashington Luiz2014-09-021-8/+9
| | | | | | | When copying migrations some engines might depend on schema from other engine so we can't blindly reverse all railties collection as that would affect the order they were originally loaded. This patch helps to only apply the order from engines specified in `railties_order`
* Add config option for cookies digestŁukasz Strzałkowski2014-08-121-1/+2
| | | | | | You can now configure custom digest for cookies in the same way as `serializer`: config.action_dispatch.cookies_digest = 'SHA256'
* add a new constructor that runs load hooksAaron Patterson2014-08-071-0/+4
|
* defer running after_config hooks until after the object is allocatedAaron Patterson2014-08-071-7/+22
|
* lazily instantiate application subclassesAaron Patterson2014-08-061-3/+1
| | | | this means we can meaningfully override methods in the subclass
* Add Rails::Application#config_forRafael Mendonça França2014-07-151-0/+32
| | | | | This is a convenience for loading configuration for the current Rails environment.
* rake railties:install:migrations respects the order of railtiesArun Agrawal2014-05-271-0/+9
| | | | This PR fixes #8930 and some stuff from #8985
* Make console and generators blocks works at Application instance levelRafael Mendonça França2014-04-141-0/+12
| | | | | | | Like rake tasks and runner blocks these blocks should also being shared between applications since they are stored at the classes. Fixes #14748
* Rails.application should be set inside before_configuration hookRafael Mendonça França2014-04-071-1/+3
| | | | Fixes #14620
* Remove useless begin..endCarlos Antonio da Silva2014-04-071-2/+1
|
* Ensure we supply Kernel#y for 1.9 tooMatthew Draper2014-04-041-0/+19
| | | | | | | | In 1.9, it doesn't live in its own file, so we'll have to define it ourselves. Check RUBY_VERSION, instead of rescuing the require, because we want this to break if `psych/y` moves in a future Ruby release.
* Merge pull request #13945 from rails/json_cookie_serializer_improvementsGuillermo Iguaran2014-02-131-1/+1
|\ | | | | Cookies serializer improvements
| * Renamed session_serializer option to cookies_serializerGodfrey Chan2014-02-111-1/+1
| |
* | do not crash when `config/secrets.yml` is blank.Yves Senn2014-02-121-1/+2
|/
* Allow session serializer key in config.session_storeLukasz Sarnacki2014-01-291-1/+2
| | | | | | | | | | | | | MessageEncryptor has :serializer option, where any serializer object can be passed. This commit make it possible to set this serializer from configuration level. There are predefined serializers (:marshal_serializer, :json_serialzier) and custom serializer can be passed as String, Symbol (camelized and constantized in ActionDispatch::Session namepspace) or serializer object. Default :json_serializer was also added to generators to provide secure defalt.
* Better missing `secret_key_base` error messageschneems2013-12-241-1/+1
| | | | | | | | | | | | | | Previously the error was: ``` RuntimeError: You must set secret_key_base in your app's config ``` Will now be: ``` RuntimeError: Missing `secret_key_base` for 'production' environment, set this value in `config/secrets.yml` ```
* Make possible to use symbol as the verifier nameRafael Mendonça França2013-12-191-1/+1
|
* Change the message verifier argument to verifier_nameRafael Mendonça França2013-12-191-6/+6
|
* Rename tokens.yml to secrets.ymlGuillermo Iguaran2013-12-121-1/+1
|
* Load secret_key_base from tokens.yml, fallback to config.secret_key_baseGuillermo Iguaran2013-12-121-6/+28
|
* Make salt argument required for message verifierRafael Mendonça França2013-12-041-6/+6
|
* Fix typosRafael Mendonça França2013-12-041-2/+2
|
* No need to configure saltsRafael Mendonça França2013-12-041-8/+4
|
* Make possibile to get different message verifiersRafael Mendonça França2013-12-041-9/+18
|
* Add missing requireRafael Mendonça França2013-12-041-0/+1
|
* Rename verifier to message_verifierRafael Mendonça França2013-12-041-4/+4
|
* Add documentation and CHANGELOG entry to Application#verifierRafael Mendonça França2013-12-041-0/+9
|
* Add application verifierRafael Mendonça França2013-12-041-0/+12
| | | | | | | | It is an application global verifier that can be used to generate and verify signed messages. See the documentation of ActiveSupport::MessageVerifier for more information.
* clean up some warnings on trunk rubyAaron Patterson2013-10-311-1/+1
|
* This is not needed anymore, before_initialize block can access configSantiago Pastorino2013-07-141-1/+0
|
* #11381: Ignore config.eager_load=true for rakePaul Nikitochkin2013-07-101-1/+2
| | | | Closes #11381
* Allowing multiple rails applications in the same ruby instance.wangjohn2013-06-301-7/+78
| | | | | This change provides the ability to create a new application with a configuration which can be specified.
* Removing a repetitive comment and removing a deprecation warning.wangjohn2013-06-171-24/+7
| | | | | | | The comment on the +env_config+ method is repetitive, likely to get outdated, and provides no useful information which cannot be gleamed from the code. I'm therefore removing it. I'm also refactoring the check for the presence of a secret_token in the configuration.
* Revert "Merge pull request #10961 from wangjohn/changing_rails_env_config"Santiago Pastorino2013-06-171-7/+24
| | | | | | This reverts commit 7098d6c9ab28931acc9562a00037567609f9e529, reversing changes made to 9ec2e2ee91568af24e09760a6de2890b89c33f56. This make some tests fail /cc @wangjohn
* Merge pull request #10968 from wangjohn/refactoring_rails_application_classSantiago Pastorino2013-06-171-95/+8
|\ | | | | Creating a class to build the default middleware stack.
| * Creating a class to build the default middleware stack.wangjohn2013-06-161-95/+8
| | | | | | | | | | | | | | A lot of logic for building the default middleware stack is currently kept in Application class, but this can be encapsulated and made more modular by being moved to its own class. Also refactored a couple of the helper methods.
* | Removing a repetitive comment and refactoring the Application class inwangjohn2013-06-161-24/+7
|/ | | | | | | | | Railties. The comment on the +env_config+ method is repetitive, likely to get outdated, and provides no useful information which cannot be gleamed from the code. I'm therefore removing it. I'm also refactoring the check for the presence of a secret_token in the configuration.
* `initialize_on_precompile` is not used anymore.Terence Lee2013-06-131-3/+1
|
* Fix generating route from engine to other enginePiotr Sarnacki2013-05-031-0/+1
| | | | | | | | | | | | A regression was introduced in 5b3bb6, generating route from within an engine to an another engine resulted in prefixing a path with the SCRIPT_NAME value. The regression was caused by the fact that SCRIPT_NAME should be appended only if it's the SCRIPT_NAME for the application, not if it's SCRIPT_NAME from the current engine. closes #10409
* Remove comments about removing LegacyKeyGenerator in 4.1Trevor Turk2013-04-031-1/+0
|
* Rename DummyKeyGenerator -> LegacyKeyGeneratorTrevor Turk2013-04-021-2/+2
|
* Allow transparent upgrading of legacy signed cookies to encrypted cookies; ↵Trevor Turk2013-03-281-6/+7
| | | | Automatically configure cookie-based sessions to use the best cookie jar given the app's config
* Introduce UpgradeLegacySignedCookieJar to transparently upgrade existing ↵Trevor Turk2013-03-241-0/+1
| | | | signed cookies generated by Rails 3 to avoid invalidating them when upgrading to Rails 4
* Initialize @app_env_config now that the var name has changedCarlos Antonio da Silva2013-03-191-1/+1
| | | | Check 862389c9537dbb6f65fd26c4325e07607ed437b5 for more background.
* Use @app_env_config instead of @env_configJosé Valim2013-03-181-1/+1
| | | | Check pull request #9789 for more information.