From 60609bb50d5b99d78a01a945a539cccd061cd7e7 Mon Sep 17 00:00:00 2001 From: Santiago Pastorino Date: Wed, 31 Oct 2012 01:06:46 -0200 Subject: Sign cookies using key deriver --- .../rails/app/templates/config/initializers/secret_token.rb.tt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'railties/lib/rails/generators') diff --git a/railties/lib/rails/generators/rails/app/templates/config/initializers/secret_token.rb.tt b/railties/lib/rails/generators/rails/app/templates/config/initializers/secret_token.rb.tt index 3c5611ca59..d96185ae2a 100644 --- a/railties/lib/rails/generators/rails/app/templates/config/initializers/secret_token.rb.tt +++ b/railties/lib/rails/generators/rails/app/templates/config/initializers/secret_token.rb.tt @@ -7,6 +7,6 @@ # no regular words or you'll be exposed to dictionary attacks. # You can use `rake secret` to generate a secure secret key. -# Make sure your secret_token is kept private +# Make sure your secret_token_key is kept private # if you're sharing your code publicly. -<%= app_const %>.config.secret_token = '<%= app_secret %>' +<%= app_const %>.config.secret_token_key = '<%= app_secret %>' -- cgit v1.2.3 From fb0cea2b8cf61cde1aa4c640b56e896fbe308aa1 Mon Sep 17 00:00:00 2001 From: Santiago Pastorino Date: Tue, 30 Oct 2012 18:12:23 -0200 Subject: Add encrypted cookie store --- .../rails/app/templates/config/initializers/session_store.rb.tt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'railties/lib/rails/generators') diff --git a/railties/lib/rails/generators/rails/app/templates/config/initializers/session_store.rb.tt b/railties/lib/rails/generators/rails/app/templates/config/initializers/session_store.rb.tt index 4a099a4ce2..df07de9922 100644 --- a/railties/lib/rails/generators/rails/app/templates/config/initializers/session_store.rb.tt +++ b/railties/lib/rails/generators/rails/app/templates/config/initializers/session_store.rb.tt @@ -1,3 +1,3 @@ # Be sure to restart your server when you modify this file. -<%= app_const %>.config.session_store :cookie_store, key: <%= "'_#{app_name}_session'" %> +<%= app_const %>.config.session_store :encrypted_cookie_store, key: <%= "'_#{app_name}_session'" %> -- cgit v1.2.3 From 4faa0418453055bc81456685d418d486252cc379 Mon Sep 17 00:00:00 2001 From: Santiago Pastorino Date: Fri, 2 Nov 2012 20:27:51 -0200 Subject: Rename secret_token_key to secret_key_base --- .../rails/app/templates/config/initializers/secret_token.rb.tt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'railties/lib/rails/generators') diff --git a/railties/lib/rails/generators/rails/app/templates/config/initializers/secret_token.rb.tt b/railties/lib/rails/generators/rails/app/templates/config/initializers/secret_token.rb.tt index d96185ae2a..e5caab3672 100644 --- a/railties/lib/rails/generators/rails/app/templates/config/initializers/secret_token.rb.tt +++ b/railties/lib/rails/generators/rails/app/templates/config/initializers/secret_token.rb.tt @@ -7,6 +7,6 @@ # no regular words or you'll be exposed to dictionary attacks. # You can use `rake secret` to generate a secure secret key. -# Make sure your secret_token_key is kept private +# Make sure your secret_key_base is kept private # if you're sharing your code publicly. -<%= app_const %>.config.secret_token_key = '<%= app_secret %>' +<%= app_const %>.config.secret_key_base = '<%= app_secret %>' -- cgit v1.2.3