Menu
I receive this warning when running my specs. Is there a best practice for generating a secret_key_base, or will any string suffice (with regard to security concerns)?
898
You propably upgraded to Rails 4 from a 3.x or a previous version.
First generate a random secret key value:
$ bundle exec rake secret
Then take that value and put it in config/initializers/secret_token.rb:
YourApp::Application.config.secret_key_base = 'your-secret'
replacing YourApp with the name of your application.
The reason for this is explained here.
Also see http://guides.rubyonrails.org/upgrading_ruby_on_rails.html#config-secrets-yml
53
As of 4.1, you need to use the config/secrets.yml file. This is discussed in http://guides.rubyonrails.org/upgrading_ruby_on_rails.html#config-secrets-yml .
6
You simply need to create a secret_token.rb file in the config/initializers directory.
Contents of the file below:
YourAppNameHere::Application.config.secret_key_base = #type the key you generated with rake secret here
then save the file
close your server:
ctrl c
restart it: rails s
You'll now see the basic rails app page you saw in the last chapter (If you're working through Hartl's tutorial)
4
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
