Rails 3 Session Secret and Session Store
2010-04-07 20:30:00 +0000
In Rails 3 the location and way you declare the session secret and session store have changed.
Rails 3 Session Secret and Session Store
In Rails 3 the location and way you declare the session secret and session store have changed.
Previously (in 2.3.x) you would have one file:
config/initializers/session_store.rb
ActionController::Base.session = {
:key => ‘_my_app_name_session’,
:secret => ‘somereallylongrandomkey’
}
In Rails 3, you reduce session_store.rb to the following:
Rails.application.config.session_store :cookie_store, :key => "_my_app_name_session"
And then, because we now need somewhere to store the secret, you create a new file called config/initializers/cookie_verification_secret.rb and put inside of it:
Rails.application.config.cookie_secret = 'somereallylongrandomkey'
If instead of using cookies, you were using active record as the store, then you obviously wouldn’t need the cookie_verification_secret.rb file and instead would insert any other config you needed into its own file inside of initializers.
This gives us the added bonus of being able to exclude cookie secrets from source control systems.
blogLater
Mikel
Latest posts
- Rails Security Alert
- Encrypting Another Partition Using FileVault 2 on OSX Lion
- Installing Home Folder on Second Drive on OSX Lion
- undefined local variable or method `version_requirements'
- A New World of Resources
- Rails Static Pages
- Twitter Replacing Rails? So?
- Engine Yard Cloud Backups Generating Zero Length Backups
- Our Rails Rumble Entry - StillAlive.com
- Renaming a controller and redirection in Rails 3
- Updating RailsPlugins.org to Rails 3 - Part 1
- A new protocol for social interaction
- What is a distributed social network?
- Bundler and Public Git Sources
- Getting Heroku, memcached and Rails 3 working
- Why Bundler?
- Rails Commit Access
- Introducing TellThemWhen
- rake RSpec & Cucumber uninitialized constant Rails::Boot::Bundler
- This Relationship is Worth Nothing
- Thank YOU...
- Inline Attachments for ActionMailer
- Upgrading RailsPlugins.org to Rails 3 - Part 1
- Stripping dollar signs and commas from a string
- Getting Rails 3 Edge with jQuery, RSpec and Cucumber using RVM
- Action Mailer, go Proc thyself
- The Real News Donation Drive
- ActionMailer ScreenCast and Article
- Installing RSpec for Rails 3
- I am speaking at RailsConf 2010
- If you're lazy and you know it write your specs!
- Bundler - uninitialized constant ActionController
- Bundle Me Some Sanity
- How to use Mail / ActionMailer 3 with GMail SMTP
- Put your mailer where the action is!
- Why Force a Choice?
- How to make an RSS feed in Rails
- Rails 3 Routing with Rack
- Bundle me some Rails
- Helping out in Haiti
- Watch your self
- Is Rails 3.0 a Game Changer?
- Where did the scripts go?
- validates :rails_3, :awesome => true
- New Rails Version 3.0 Guides Online
- New ActionMailer API in Rails 3.0
- Mail gem version 2 released
- How to rename a Rails 3 Application
- Rails 3.0 Examples
Latest comments
- personal fitness plan examples
Hello, i think that i saw you v...
- Byron
I have to thank you for the eff...
- bottes soldes femmes
doudoune moncler bulgarie bott...
- appliance repair laurel md
Having the essential factors re...
- appliance repair columbia md
Having the essential factors re...
Categories
Tag Cloud
AJAX ARGH! ActiveRecord Ajax Apache Apple Asterisk Australia Copy Database Development Feedburner Gem server Google Human Rights Javascript L. Ron Hubbard MS SQL Server MacOSX Mail Mephisto Not Programming OpenBSD Opensource Performance Personal Integrity PostgreSQL Programming Prototype Puzzle RDoc REST RESTful Rails RSPec RSpec Rails Rails Tips Rspec Ruby Ruby on Rails Ruby on Rails Tips Ruby on rails Tips SQL SQLServer SVN Scientologist Scientology Site Stats Soekris Soekris net5501 TMail Textmate Tips Windows World about mikel anti drug apache contributing daemon documentation drugs illustrator javascript lambda mail mephisto newspapers nitro open source opensource photoshop productivity programming railscasts rspec ruby ruby on rails rubyforge scientology seo sitemap sqlserver tips tmail tom cruise unix tricks vector graphicsArchives
- November 2009 (1)
- October 2009 (2)
- September 2009 (2)
- August 2009 (0)
- July 2009 (1)
- June 2009 (0)
- May 2009 (1)
- April 2009 (0)
- March 2009 (0)
- February 2009 (0)
- January 2009 (2)
- December 2008 (0)
- November 2008 (5)
- October 2008 (0)
- September 2008 (1)
- August 2008 (0)
- July 2008 (2)
- June 2008 (13)
- May 2008 (7)
- April 2008 (18)
- March 2008 (8)
- February 2008 (5)
- January 2008 (7)
- December 2007 (20)
- November 2007 (22)