rails--rails/railties/configs/initializers/session_store.rb

# Be sure to restart your server when you modify this file.

# Your secret key for verifying cookie session data integrity.
# If you change this key, all old sessions will become invalid!
# Make sure the secret is at least 30 characters and all random, 
# no regular words or you'll be exposed to dictionary attacks.
ActionController::Base.session = {
  :key         => '_<%= app_name %>_session',
  :secret      => '<%= app_secret %>'
}

# Use the database for sessions instead of the cookie-based default,
# which shouldn't be used to store highly confidential information
# (create the session table with "rake db:sessions:create")
# ActionController::Base.session_store = :active_record_store
Add restart notice where missing 2008-11-30 16:54:44 -05:00			`# Be sure to restart your server when you modify this file.`

Even more polish of the default configration files and split off the session store configuration into its own file 2008-11-30 16:53:21 -05:00			`# Your secret key for verifying cookie session data integrity.`
			`# If you change this key, all old sessions will become invalid!`
			`# Make sure the secret is at least 30 characters and all random,`
			`# no regular words or you'll be exposed to dictionary attacks.`
			`ActionController::Base.session = {`
Use :key instead of old :session_key in session_store.rb generator and docs [#1746 state:resovled] Signed-off-by: Joshua Peek <josh@joshpeek.com> 2009-01-13 15:27:23 -05:00			`:key => '_<%= app_name %>_session',`
Even more polish of the default configration files and split off the session store configuration into its own file 2008-11-30 16:53:21 -05:00			`:secret => '<%= app_secret %>'`
			`}`

			`# Use the database for sessions instead of the cookie-based default,`
			`# which shouldn't be used to store highly confidential information`
			`# (create the session table with "rake db:sessions:create")`
			`# ActionController::Base.session_store = :active_record_store`