From 6e66e7d6460b99bb0877a891aa3fbb789b563123 Mon Sep 17 00:00:00 2001
From: David Heinemeier Hansson <david@loudthinking.com>
Date: Sun, 30 Nov 2008 15:53:21 -0600
Subject: Even more polish of the default configration files and split off the
 session store configuration into its own file

---
 railties/configs/initializers/session_store.rb | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 railties/configs/initializers/session_store.rb

(limited to 'railties/configs/initializers')

diff --git a/railties/configs/initializers/session_store.rb b/railties/configs/initializers/session_store.rb
new file mode 100644
index 0000000000..29bfbe68a8
--- /dev/null
+++ b/railties/configs/initializers/session_store.rb
@@ -0,0 +1,13 @@
+# Your secret key for verifying cookie session data integrity.
+# If you change this key, all old sessions will become invalid!
+# Make sure the secret is at least 30 characters and all random, 
+# no regular words or you'll be exposed to dictionary attacks.
+ActionController::Base.session = {
+  :session_key => '_<%= app_name %>_session',
+  :secret      => '<%= app_secret %>'
+}
+
+# Use the database for sessions instead of the cookie-based default,
+# which shouldn't be used to store highly confidential information
+# (create the session table with "rake db:sessions:create")
+# ActionController::Base.session_store = :active_record_store
-- 
cgit v1.2.3