From 70117b02949ccd724735aec8f4f19db4171e9e05 Mon Sep 17 00:00:00 2001
From: Jeremy Kemper
Date: Sat, 15 Dec 2007 02:27:56 +0000
Subject: [PATCH] Introduce (in /Users/jeremy/rails/git/trunk) to output a crytographically secure secret key for use with cookie sessions.

git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8400 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
---
 .../lib/action_controller/session/cookie_store.rb | 3 +++
 railties/CHANGELOG | 2 ++
 railties/lib/tasks/misc.rake | 10 +++++++++-
 3 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/actionpack/lib/action_controller/session/cookie_store.rb b/actionpack/lib/action_controller/session/cookie_store.rb
index 0da092225a..e33a241e99 100644
--- a/actionpack/lib/action_controller/session/cookie_store.rb
+++ b/actionpack/lib/action_controller/session/cookie_store.rb
@@ -34,6 +34,9 @@ require 'openssl' # to generate the HMAC message digest
 # defaults to 'SHA1' but may be any digest provided by OpenSSL,
 # such as 'MD5', 'RIPEMD160', 'SHA256', etc.
 #
+# To generate a secret key for an existing application, run
+# `rake generate:secret` and set the key in config/environment.rb
+#
 # Note that changing digest or secret invalidates all existing sessions!
 class CGI::Session::CookieStore
 # Cookies can typically store 4096 bytes.
diff --git a/railties/CHANGELOG b/railties/CHANGELOG
index 06f56d3928..36d03fe2db 100644
--- a/railties/CHANGELOG
+++ b/railties/CHANGELOG
@@ -1,5 +1,7 @@
 *SVN*
 
+* Introduce `rake generate:secret` to output a crytographically secure secret key for use with cookie sessions. #xxxx [update from Trac]
+
 * Fixed that local database creation should consider 127.0.0.1 local #9026 [parcelbrat]
 
 * Fixed that functional tests generated for scaffolds should use fixture calls instead of hard-coded IDs #10435 [boone]
diff --git a/railties/lib/tasks/misc.rake b/railties/lib/tasks/misc.rake
index 02ba886061..d145db0934 100644
--- a/railties/lib/tasks/misc.rake
+++ b/railties/lib/tasks/misc.rake
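Review bot: The comment added in the cookie_store.rb hunk tells readers to put the generated key in config/environment.rb without saying that the key must be handled as a credential. That file is usually committed together with the application, so the session signing key would be readable by everyone with access to the repository. A follow-up comment line such as `# Treat the secret as a credential: keep it out of public repositories and use a different one per application.` would cover this. The comment block starts above the hunk and the class body continues below it.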
@@ -1,4 +1,12 @@
 task :default => :test
 task :environment do
 require(File.join(RAILS_ROOT, 'config', 'environment'))
-end
\ No newline at end of file
+end
+
+require 'rails_generator/secret_key_generator'
+namespace :generate do
+ desc 'Generate a crytographically secure secret key. This is typically used to generate a secret for cookie sessions. Pass a unique identifier to the generator using ID="some unique identifier" for greater security.'
+ task :secret do
+ puts Rails::SecretKeyGenerator.new(ENV['ID']).generate_secret
+ end
+end
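Review bot: In the new `:secret` task, `ENV['ID']` is passed straight to `Rails::SecretKeyGenerator.new`, so a run without `ID=` hands the generator `nil`, and the `desc` text implies the key is stronger when an identifier is supplied. The generator is not part of this diff, so whether it handles `nil` and whether its randomness depends on the identifier cannot be confirmed here; a session signing secret should draw all of its entropy from the OS random source, and the description should say that rather than suggest `ID` adds security. The `desc` string also misspells `cryptographically` as `crytographically`, which is what users will see in `rake -T`. The top-level `require 'rails_generator/secret_key_generator'` runs on every rake invocation; placing it as the first line inside `task :secret do` would load it only when the task is run.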