Commit 246db20c449bc9875560077a4036bf18121a0534
1 parent
19066a58
Exists in
master
and in
1 other branch
update configs for rails 4.1
- use secrets.yml - use Rails.application over Errbit::Application - do not use secret_token.rb - update devise initializer
Showing
25 changed files
with
210 additions
and
195 deletions
Show diff stats
Gemfile
| ... | ... | @@ -24,7 +24,7 @@ gem 'rails_autolink' |
| 24 | 24 | # Please don't update hoptoad_notifier to airbrake. |
| 25 | 25 | # It's for internal use only, and we monkeypatch certain methods |
| 26 | 26 | gem 'hoptoad_notifier', "~> 2.4" |
| 27 | -gem 'draper', :require => false | |
| 27 | +gem 'draper' | |
| 28 | 28 | |
| 29 | 29 | gem 'errbit_plugin', github: 'errbit/errbit_plugin' |
| 30 | 30 | gem 'errbit_github_plugin', github: 'errbit/errbit_github_plugin' | ... | ... |
Rakefile
| 1 | -#!/usr/bin/env rake | |
| 2 | 1 | # Add your own tasks in files placed in lib/tasks ending in .rake, |
| 3 | 2 | # for example lib/tasks/capistrano.rake, and they will automatically be available to Rake. |
| 4 | 3 | |
| 5 | 4 | require File.expand_path('../config/application', __FILE__) |
| 6 | 5 | |
| 7 | -Errbit::Application.load_tasks | |
| 6 | +Rails.application.load_tasks | |
| 8 | 7 | |
| 9 | 8 | begin |
| 10 | 9 | require 'rspec/core/rake_task' | ... | ... |
config.ru
config/application.rb
| ... | ... | @@ -5,8 +5,8 @@ require "action_mailer/railtie" |
| 5 | 5 | require 'mongoid/railtie' |
| 6 | 6 | require "sprockets/railtie" |
| 7 | 7 | |
| 8 | -require 'draper' | |
| 9 | - | |
| 8 | +# Require the gems listed in Gemfile, including any gems | |
| 9 | +# you've limited to :test, :development, or :production. | |
| 10 | 10 | Bundler.require(*Rails.groups) |
| 11 | 11 | |
| 12 | 12 | module Errbit |
| ... | ... | @@ -18,10 +18,6 @@ module Errbit |
| 18 | 18 | # Custom directories with classes and modules you want to be autoloadable. |
| 19 | 19 | config.autoload_paths += [Rails.root.join('lib')] |
| 20 | 20 | |
| 21 | - # Only load the plugins named here, in the order given (default is alphabetical). | |
| 22 | - # :all can be used as a placeholder for all plugins not explicitly named. | |
| 23 | - # config.plugins = [ :exception_notification, :ssl_requirement, :all ] | |
| 24 | - | |
| 25 | 21 | # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone. |
| 26 | 22 | # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC. |
| 27 | 23 | # config.time_zone = 'Central Time (US & Canada)' |
| ... | ... | @@ -41,23 +37,7 @@ module Errbit |
| 41 | 37 | # IssueTracker subclasses use inheritance, so preloading models provides querying consistency in dev mode. |
| 42 | 38 | config.mongoid.preload_models = true |
| 43 | 39 | |
| 44 | - # Configure the default encoding used in templates for Ruby 1.9. | |
| 45 | - config.encoding = "utf-8" | |
| 46 | - | |
| 47 | - # Configure sensitive parameters which will be filtered from the log file. | |
| 48 | - config.filter_parameters += [:password] | |
| 49 | - | |
| 50 | 40 | # Configure Devise mailer to use our mailer layout. |
| 51 | 41 | config.to_prepare { Devise::Mailer.layout "mailer" } |
| 52 | - | |
| 53 | - | |
| 54 | - # Enable the asset pipeline | |
| 55 | - config.assets.enabled = true | |
| 56 | - | |
| 57 | - # Need to initialize Rails environment for issue_tracker_icons.css.erb | |
| 58 | - config.assets.initialize_on_precompile = true | |
| 59 | - | |
| 60 | - # Version of your assets, change this if you want to expire all your assets | |
| 61 | - config.assets.version = '1.0' | |
| 62 | 42 | end |
| 63 | 43 | end | ... | ... |
config/boot.rb
| 1 | -require 'rubygems' | |
| 2 | - | |
| 3 | 1 | # Set up gems listed in the Gemfile. |
| 4 | -gemfile = File.expand_path('../../Gemfile', __FILE__) | |
| 5 | -begin | |
| 6 | - ENV['BUNDLE_GEMFILE'] = gemfile | |
| 7 | - require 'bundler' | |
| 8 | - Bundler.setup | |
| 9 | -rescue Bundler::GemNotFound => e | |
| 10 | - STDERR.puts e.message | |
| 11 | - STDERR.puts "Try running `bundle install`." | |
| 12 | - exit! | |
| 13 | -end if File.exist?(gemfile) | |
| 2 | +ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__) | |
| 14 | 3 | |
| 4 | +require 'bundler/setup' if File.exist?(ENV['BUNDLE_GEMFILE']) | ... | ... |
config/cloud/cloud66/deploy_hooks.yml
| ... | ... | @@ -16,10 +16,6 @@ production: |
| 16 | 16 | destination: <%= ENV['RAILS_STACK_PATH'] %>/config/mongoid.yml |
| 17 | 17 | target: rails |
| 18 | 18 | run_on: all_servers |
| 19 | - - source: /config/cloud/cloud66/files/secret_token.rb | |
| 20 | - destination: <%= ENV['RAILS_STACK_PATH'] %>/config/initializers/secret_token.rb | |
| 21 | - target: rails | |
| 22 | - run_on: all_servers | |
| 23 | 19 | - source: /config/cloud/cloud66/files/seeds.rb |
| 24 | 20 | destination: <%= ENV['RAILS_STACK_PATH'] %>/db/seeds.rb |
| 25 | 21 | target: rails |
| ... | ... | @@ -59,10 +55,6 @@ staging: |
| 59 | 55 | destination: <%= ENV['RAILS_STACK_PATH'] %>/config/mongoid.yml |
| 60 | 56 | target: rails |
| 61 | 57 | run_on: all_servers |
| 62 | - - source: /config/cloud/cloud66/files/secret_token.rb | |
| 63 | - destination: <%= ENV['RAILS_STACK_PATH'] %>/config/initializers/secret_token.rb | |
| 64 | - target: rails | |
| 65 | - run_on: all_servers | |
| 66 | 58 | - source: /config/cloud/cloud66/files/seeds.rb |
| 67 | 59 | destination: <%= ENV['RAILS_STACK_PATH'] %>/db/seeds.rb |
| 68 | 60 | target: rails |
| ... | ... | @@ -103,10 +95,6 @@ development: |
| 103 | 95 | destination: <%= ENV['RAILS_STACK_PATH'] %>/config/mongoid.yml |
| 104 | 96 | target: rails |
| 105 | 97 | run_on: all_servers |
| 106 | - - source: /config/cloud/cloud66/files/secret_token.rb | |
| 107 | - destination: <%= ENV['RAILS_STACK_PATH'] %>/config/initializers/secret_token.rb | |
| 108 | - target: rails | |
| 109 | - run_on: all_servers | |
| 110 | 98 | - source: /config/cloud/cloud66/files/seeds.rb |
| 111 | 99 | destination: <%= ENV['RAILS_STACK_PATH'] %>/db/seeds.rb |
| 112 | 100 | target: rails | ... | ... |
config/cloud/cloud66/files/secret_token.rb
config/deploy.example.rb
config/environment.rb
config/environments/development.rb
| 1 | -Errbit::Application.configure do | |
| 2 | - # Settings specified here will take precedence over those in config/environment.rb | |
| 1 | +Rails.application.configure do | |
| 2 | + # Settings specified here will take precedence over those in config/application.rb. | |
| 3 | 3 | |
| 4 | 4 | # In the development environment your application's code is reloaded on |
| 5 | - # every request. This slows down response time but is perfect for development | |
| 6 | - # since you don't have to restart the webserver when you make code changes. | |
| 5 | + # every request. This slows down response time but is perfect for development | |
| 6 | + # since you don't have to restart the web server when you make code changes. | |
| 7 | 7 | config.cache_classes = false |
| 8 | 8 | |
| 9 | + # Do not eager load code on boot. | |
| 9 | 10 | config.eager_load = false |
| 10 | 11 | |
| 11 | - # Show full error reports and disable caching | |
| 12 | + # Show full error reports and disable caching. | |
| 12 | 13 | config.consider_all_requests_local = true |
| 13 | 14 | config.action_controller.perform_caching = false |
| 14 | 15 | |
| 15 | - # Don't care if the mailer can't send | |
| 16 | + # Don't care if the mailer can't send. | |
| 16 | 17 | config.action_mailer.raise_delivery_errors = false |
| 17 | - config.action_mailer.default_url_options = { :host => 'localhost:3000' } | |
| 18 | 18 | |
| 19 | - # Print deprecation notices to the Rails logger | |
| 19 | + # Print deprecation notices to the Rails logger. | |
| 20 | 20 | config.active_support.deprecation = :log |
| 21 | 21 | |
| 22 | - # Do not compress assets | |
| 23 | - config.assets.compress = false | |
| 22 | + # Raise an error on page load if there are pending migrations. | |
| 23 | + # config.active_record.migration_error = :page_load | |
| 24 | 24 | |
| 25 | - # Expands the lines which load the assets | |
| 25 | + # Debug mode disables concatenation and preprocessing of assets. | |
| 26 | + # This option may cause significant delays in view rendering with a large | |
| 27 | + # number of complex assets. | |
| 26 | 28 | config.assets.debug = true |
| 27 | -end | |
| 28 | 29 | |
| 30 | + # Adds additional error checking when serving assets at runtime. | |
| 31 | + # Checks for improperly declared sprockets dependencies. | |
| 32 | + # Raises helpful error messages. | |
| 33 | + config.assets.raise_runtime_errors = false | |
| 34 | + | |
| 35 | + # Raises error for missing translations | |
| 36 | + # config.action_view.raise_on_missing_translations = true | |
| 37 | +end | ... | ... |
config/environments/production.rb
| 1 | -Errbit::Application.configure do | |
| 2 | - # Settings specified here will take precedence over those in config/environment.rb | |
| 1 | +Rails.application.configure do | |
| 2 | + # Settings specified here will take precedence over those in config/application.rb. | |
| 3 | 3 | |
| 4 | - # The production environment is meant for finished, "live" apps. | |
| 5 | - # Code is not reloaded between requests | |
| 4 | + # Code is not reloaded between requests. | |
| 6 | 5 | config.cache_classes = true |
| 7 | 6 | |
| 7 | + # Eager load code on boot. This eager loads most of Rails and | |
| 8 | + # your application in memory, allowing both threaded web servers | |
| 9 | + # and those relying on copy on write to perform better. | |
| 10 | + # Rake tasks automatically ignore this option for performance. | |
| 8 | 11 | config.eager_load = true |
| 9 | 12 | |
| 10 | - # Shows or hides all error details if something goes wrong inside Errbit | |
| 13 | + # Full error reports are disabled and caching is turned on. | |
| 11 | 14 | config.consider_all_requests_local = false |
| 12 | - # Caching is turned on | |
| 13 | 15 | config.action_controller.perform_caching = true |
| 14 | 16 | |
| 15 | - # Specifies the header that your server uses for sending files | |
| 16 | - config.action_dispatch.x_sendfile_header = "X-Sendfile" | |
| 17 | + # Enable Rack::Cache to put a simple HTTP cache in front of your application | |
| 18 | + # Add `rack-cache` to your Gemfile before enabling this. | |
| 19 | + # For large-scale production use, consider using a caching reverse proxy like nginx, varnish or squid. | |
| 20 | + # config.action_dispatch.rack_cache = true | |
| 17 | 21 | |
| 18 | - # For nginx: | |
| 19 | - # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' | |
| 22 | + # Disable Rails's static asset server (Apache or nginx will already do this). | |
| 23 | + config.serve_static_assets = false | |
| 20 | 24 | |
| 21 | - # If you have no front-end server that supports something like X-Sendfile, | |
| 22 | - # just comment this out and Rails will serve the files | |
| 25 | + # Compress JavaScripts and CSS. | |
| 26 | + config.assets.js_compressor = :uglifier | |
| 27 | + # config.assets.css_compressor = :sass | |
| 23 | 28 | |
| 24 | - # See everything in the log (default is :info) | |
| 25 | - # config.log_level = :debug | |
| 29 | + # Do not fallback to assets pipeline if a precompiled asset is missed. | |
| 30 | + config.assets.compile = false | |
| 26 | 31 | |
| 27 | - # Use a different logger for distributed setups | |
| 28 | - # config.logger = SyslogLogger.new | |
| 32 | + # Generate digests for assets URLs. | |
| 33 | + config.assets.digest = true | |
| 29 | 34 | |
| 30 | - # Use a different cache store in production | |
| 31 | - # config.cache_store = :mem_cache_store | |
| 35 | + # `config.assets.precompile` and `config.assets.version` have moved to config/initializers/assets.rb | |
| 32 | 36 | |
| 33 | - # Disable Rails's static asset server | |
| 34 | - # In production, Apache or nginx will already do this | |
| 35 | - config.serve_static_assets = false | |
| 37 | + # Specifies the header that your server uses for sending files. | |
| 38 | + # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache | |
| 39 | + # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx | |
| 36 | 40 | |
| 37 | - # Compress JavaScripts and CSS | |
| 38 | - config.assets.compress = true | |
| 41 | + # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. | |
| 42 | + # config.force_ssl = true | |
| 39 | 43 | |
| 40 | - # Don't fallback to assets pipeline if a precompiled asset is missed | |
| 41 | - config.assets.compile = false | |
| 44 | + # Set to :debug to see everything in the log. | |
| 45 | + config.log_level = :info | |
| 42 | 46 | |
| 43 | - # Generate digests for assets URLs | |
| 44 | - config.assets.digest = true | |
| 47 | + # Prepend all log lines with the following tags. | |
| 48 | + # config.log_tags = [ :subdomain, :uuid ] | |
| 45 | 49 | |
| 46 | - # Enable serving of images, stylesheets, and javascripts from an asset server | |
| 47 | - # config.action_controller.asset_host = "http://assets.example.com" | |
| 50 | + # Use a different logger for distributed setups. | |
| 51 | + # config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new) | |
| 48 | 52 | |
| 49 | - # Disable delivery errors, bad email addresses will be ignored | |
| 50 | - # config.action_mailer.raise_delivery_errors = false | |
| 53 | + # Use a different cache store in production. | |
| 54 | + # config.cache_store = :mem_cache_store | |
| 51 | 55 | |
| 52 | - # Set default host for ActionMailer links | |
| 53 | - config.action_mailer.default_url_options = { :host => ENV['ERRBIT_HOST'] } if ENV['ERRBIT_HOST'] | |
| 56 | + # Enable serving of images, stylesheets, and JavaScripts from an asset server. | |
| 57 | + # config.action_controller.asset_host = "http://assets.example.com" | |
| 54 | 58 | |
| 55 | - # Enable threaded mode | |
| 56 | - # config.threadsafe! | |
| 59 | + # Ignore bad email addresses and do not raise email delivery errors. | |
| 60 | + # Set this to true and configure the email server for immediate delivery to raise delivery errors. | |
| 61 | + # config.action_mailer.raise_delivery_errors = false | |
| 57 | 62 | |
| 58 | 63 | # Enable locale fallbacks for I18n (makes lookups for any locale fall back to |
| 59 | - # the I18n.default_locale when a translation can not be found) | |
| 64 | + # the I18n.default_locale when a translation cannot be found). | |
| 60 | 65 | config.i18n.fallbacks = true |
| 61 | 66 | |
| 62 | - # Send deprecation notices to registered listeners | |
| 67 | + # Send deprecation notices to registered listeners. | |
| 63 | 68 | config.active_support.deprecation = :notify |
| 64 | - config.static_cache_control = "public, max-age=7200" | |
| 65 | -end | |
| 66 | 69 | |
| 70 | + # Disable automatic flushing of the log to improve performance. | |
| 71 | + # config.autoflush_log = false | |
| 72 | + | |
| 73 | + # Use default logging formatter so that PID and timestamp are not suppressed. | |
| 74 | + config.log_formatter = ::Logger::Formatter.new | |
| 75 | + | |
| 76 | + # Do not dump schema after migrations. | |
| 77 | + # config.active_record.dump_schema_after_migration = false | |
| 78 | +end | ... | ... |
config/environments/test.rb
| 1 | -Errbit::Application.configure do | |
| 2 | - # Settings specified here will take precedence over those in config/environment.rb | |
| 1 | +Rails.application.configure do | |
| 2 | + # Settings specified here will take precedence over those in config/application.rb. | |
| 3 | 3 | |
| 4 | 4 | # The test environment is used exclusively to run your application's |
| 5 | - # test suite. You never need to work with it otherwise. Remember that | |
| 5 | + # test suite. You never need to work with it otherwise. Remember that | |
| 6 | 6 | # your test database is "scratch space" for the test suite and is wiped |
| 7 | - # and recreated between test runs. Don't rely on the data there! | |
| 7 | + # and recreated between test runs. Don't rely on the data there! | |
| 8 | 8 | config.cache_classes = true |
| 9 | 9 | |
| 10 | + # Do not eager load code on boot. This avoids loading your whole application | |
| 11 | + # just for the purpose of running a single test. If you are using a tool that | |
| 12 | + # preloads Rails for running tests, you may have to set it to true. | |
| 10 | 13 | config.eager_load = false |
| 11 | 14 | |
| 12 | - # Show full error reports and disable caching | |
| 15 | + # Configure static asset server for tests with Cache-Control for performance. | |
| 16 | + config.serve_static_assets = true | |
| 17 | + config.static_cache_control = 'public, max-age=3600' | |
| 18 | + | |
| 19 | + # Show full error reports and disable caching. | |
| 13 | 20 | config.consider_all_requests_local = true |
| 14 | 21 | config.action_controller.perform_caching = false |
| 15 | 22 | |
| 16 | - # Raise exceptions instead of rendering exception templates | |
| 23 | + # Raise exceptions instead of rendering exception templates. | |
| 17 | 24 | config.action_dispatch.show_exceptions = false |
| 18 | 25 | |
| 19 | - # Disable request forgery protection in test environment | |
| 20 | - config.action_controller.allow_forgery_protection = false | |
| 26 | + # Disable request forgery protection in test environment. | |
| 27 | + config.action_controller.allow_forgery_protection = false | |
| 21 | 28 | |
| 22 | 29 | # Tell Action Mailer not to deliver emails to the real world. |
| 23 | 30 | # The :test delivery method accumulates sent emails in the |
| 24 | 31 | # ActionMailer::Base.deliveries array. |
| 25 | 32 | config.action_mailer.delivery_method = :test |
| 26 | - config.action_mailer.default_url_options = { :host => 'test.host' } | |
| 27 | - | |
| 28 | - # Use SQL instead of Active Record's schema dumper when creating the test database. | |
| 29 | - # This is necessary if your schema can't be completely dumped by the schema dumper, | |
| 30 | - # like if you have constraints or database-specific column types | |
| 31 | - # config.active_record.schema_format = :sql | |
| 32 | 33 | |
| 33 | - # Print deprecation notices to the stderr | |
| 34 | + # Print deprecation notices to the stderr. | |
| 34 | 35 | config.active_support.deprecation = :stderr |
| 35 | -end | |
| 36 | 36 | |
| 37 | + # Raises error for missing translations | |
| 38 | + # config.action_view.raise_on_missing_translations = true | |
| 39 | +end | ... | ... |
| ... | ... | @@ -0,0 +1,11 @@ |
| 1 | +# Be sure to restart your server when you modify this file. | |
| 2 | + | |
| 3 | +# Version of your assets, change this if you want to expire all your assets. | |
| 4 | +Rails.application.config.assets.version = '1.0' | |
| 5 | + | |
| 6 | +# Precompile additional assets. | |
| 7 | +# application.js, application.css, and all non-JS/CSS in app/assets folder are already added. | |
| 8 | +# Rails.application.config.assets.precompile += %w( search.js ) | |
| 9 | + | |
| 10 | +# Need to initialize Rails environment for issue_tracker_icons.css.erb | |
| 11 | +Rails.application.config.assets.initialize_on_precompile = true | ... | ... |
config/initializers/backtrace_silencers.rb
config/initializers/devise.rb
| 1 | 1 | # Use this hook to configure devise mailer, warden hooks and so forth. |
| 2 | 2 | # Many of these configuration options can be set straight in your model. |
| 3 | 3 | Devise.setup do |config| |
| 4 | + # The secret key used by Devise. Devise uses this key to generate | |
| 5 | + # random tokens. Changing this key will render invalid all existing | |
| 6 | + # confirmation, reset password and unlock tokens in the database. | |
| 7 | + # config.secret_key = '2970917daf24e79762e7f370c2121b17417d729bdc587874c769b298a580824ff79b4cfd8ad6f3da94c6bbd1d5e12b483dbd2fd78b343777adc1fd15692dbcb2' | |
| 8 | + | |
| 4 | 9 | # ==> Mailer Configuration |
| 5 | 10 | # Configure the e-mail address which will be shown in Devise::Mailer, |
| 6 | - # note that it will be overwritten if you use your own mailer class with default "from" parameter. | |
| 11 | + # note that it will be overwritten if you use your own mailer class | |
| 12 | + # with default "from" parameter. | |
| 7 | 13 | config.mailer_sender = Errbit::Config.email_from |
| 8 | 14 | |
| 9 | 15 | # Configure the class responsible to send e-mails. |
| 10 | - # config.mailer = "Devise::Mailer" | |
| 16 | + # config.mailer = 'Devise::Mailer' | |
| 11 | 17 | |
| 12 | 18 | # ==> ORM configuration |
| 13 | 19 | # Load and configure the ORM. Supports :active_record (default) and |
| ... | ... | @@ -50,19 +56,16 @@ Devise.setup do |config| |
| 50 | 56 | |
| 51 | 57 | # Tell if authentication through HTTP Auth is enabled. False by default. |
| 52 | 58 | # It can be set to an array that will enable http authentication only for the |
| 53 | - # given strategies, for example, `config.http_authenticatable = [:token]` will | |
| 54 | - # enable it only for token authentication. The supported strategies are: | |
| 59 | + # given strategies, for example, `config.http_authenticatable = [:database]` will | |
| 60 | + # enable it only for database authentication. The supported strategies are: | |
| 55 | 61 | # :database = Support basic authentication with authentication key + password |
| 56 | - # :token = Support basic authentication with token authentication key | |
| 57 | - # :token_options = Support token authentication with options as defined in | |
| 58 | - # http://api.rubyonrails.org/classes/ActionController/HttpAuthentication/Token.html | |
| 59 | 62 | # config.http_authenticatable = false |
| 60 | 63 | |
| 61 | - # If http headers should be returned for AJAX requests. True by default. | |
| 64 | + # If 401 status code should be returned for AJAX requests. True by default. | |
| 62 | 65 | # config.http_authenticatable_on_xhr = true |
| 63 | 66 | |
| 64 | - # The realm used in Http Basic Authentication. "Application" by default. | |
| 65 | - # config.http_authentication_realm = "Application" | |
| 67 | + # The realm used in Http Basic Authentication. 'Application' by default. | |
| 68 | + # config.http_authentication_realm = 'Application' | |
| 66 | 69 | |
| 67 | 70 | # It will change confirmation, password recovery and other workflows |
| 68 | 71 | # to behave the same regardless if the e-mail provided was right or wrong. |
| ... | ... | @@ -70,30 +73,38 @@ Devise.setup do |config| |
| 70 | 73 | # config.paranoid = true |
| 71 | 74 | |
| 72 | 75 | # By default Devise will store the user in session. You can skip storage for |
| 73 | - # :http_auth and :token_auth by adding those symbols to the array below. | |
| 76 | + # particular strategies by setting this option. | |
| 74 | 77 | # Notice that if you are skipping storage for all authentication paths, you |
| 75 | 78 | # may want to disable generating routes to Devise's sessions controller by |
| 76 | - # passing :skip => :sessions to `devise_for` in your config/routes.rb | |
| 79 | + # passing skip: :sessions to `devise_for` in your config/routes.rb | |
| 77 | 80 | config.skip_session_storage = [:http_auth] |
| 78 | 81 | |
| 82 | + # By default, Devise cleans up the CSRF token on authentication to | |
| 83 | + # avoid CSRF token fixation attacks. This means that, when using AJAX | |
| 84 | + # requests for sign in and sign up, you need to get a new CSRF token | |
| 85 | + # from the server. You can disable this option at your own risk. | |
| 86 | + # config.clean_up_csrf_token_on_authentication = true | |
| 87 | + | |
| 79 | 88 | # ==> Configuration for :database_authenticatable |
| 80 | 89 | # For bcrypt, this is the cost for hashing the password and defaults to 10. If |
| 81 | 90 | # using other encryptors, it sets how many times you want the password re-encrypted. |
| 82 | 91 | # |
| 83 | 92 | # Limiting the stretches to just one in testing will increase the performance of |
| 84 | 93 | # your test suite dramatically. However, it is STRONGLY RECOMMENDED to not use |
| 85 | - # a value less than 10 in other environments. | |
| 94 | + # a value less than 10 in other environments. Note that, for bcrypt (the default | |
| 95 | + # encryptor), the cost increases exponentially with the number of stretches (e.g. | |
| 96 | + # a value of 20 is already extremely slow: approx. 60 seconds for 1 calculation). | |
| 86 | 97 | config.stretches = Rails.env.test? ? 1 : 10 |
| 87 | 98 | |
| 88 | 99 | # Setup a pepper to generate the encrypted password. |
| 89 | - config.pepper = "425f10f555c1a4718aff3370ef9dd2d97a21622beb0400fde6b52177375ddcbe37a2dac6af9bca835c988e00c32887ee940ba111a78eab48234d8799936d36b9" | |
| 100 | + config.pepper = '425f10f555c1a4718aff3370ef9dd2d97a21622beb0400fde6b52177375ddcbe37a2dac6af9bca835c988e00c32887ee940ba111a78eab48234d8799936d36b9' | |
| 90 | 101 | |
| 91 | 102 | # ==> Configuration for :confirmable |
| 92 | 103 | # A period that the user is allowed to access the website even without |
| 93 | - # confirming his account. For instance, if set to 2.days, the user will be | |
| 94 | - # able to access the website for two days without confirming his account, | |
| 104 | + # confirming their account. For instance, if set to 2.days, the user will be | |
| 105 | + # able to access the website for two days without confirming their account, | |
| 95 | 106 | # access will be blocked just in the third day. Default is 0.days, meaning |
| 96 | - # the user cannot access the website without confirming his account. | |
| 107 | + # the user cannot access the website without confirming their account. | |
| 97 | 108 | # config.allow_unconfirmed_access_for = 2.days |
| 98 | 109 | |
| 99 | 110 | # A period that the user is allowed to confirm their account before their |
| ... | ... | @@ -106,8 +117,8 @@ Devise.setup do |config| |
| 106 | 117 | |
| 107 | 118 | # If true, requires any email changes to be confirmed (exactly the same way as |
| 108 | 119 | # initial account confirmation) to be applied. Requires additional unconfirmed_email |
| 109 | - # db field (see migrations). Until confirmed new email is stored in | |
| 110 | - # unconfirmed email column, and copied to email column on successful confirmation. | |
| 120 | + # db field (see migrations). Until confirmed, new email is stored in | |
| 121 | + # unconfirmed_email column, and copied to email column on successful confirmation. | |
| 111 | 122 | config.reconfirmable = true |
| 112 | 123 | |
| 113 | 124 | # Defines which key will be used when confirming an account |
| ... | ... | @@ -117,15 +128,18 @@ Devise.setup do |config| |
| 117 | 128 | # The time the user will be remembered without asking for credentials again. |
| 118 | 129 | config.remember_for = 2.weeks |
| 119 | 130 | |
| 131 | + # Invalidates all the remember me tokens when the user signs out. | |
| 132 | + config.expire_all_remember_me_on_sign_out = true | |
| 133 | + | |
| 120 | 134 | # If true, extends the user's remember period when remembered via cookie. |
| 121 | 135 | # config.extend_remember_period = false |
| 122 | 136 | |
| 123 | 137 | # Options to be passed to the created cookie. For instance, you can set |
| 124 | - # :secure => true in order to force SSL only cookies. | |
| 138 | + # secure: true in order to force SSL only cookies. | |
| 125 | 139 | # config.rememberable_options = {} |
| 126 | 140 | |
| 127 | 141 | # ==> Configuration for :validatable |
| 128 | - # Range for password length. Default is 8..128. | |
| 142 | + # Range for password length. | |
| 129 | 143 | config.password_length = 6..1024 |
| 130 | 144 | |
| 131 | 145 | # Email regex used to validate email formats. It simply asserts that |
| ... | ... | @@ -165,6 +179,9 @@ Devise.setup do |config| |
| 165 | 179 | # Time interval to unlock the account if :time is enabled as unlock_strategy. |
| 166 | 180 | # config.unlock_in = 1.hour |
| 167 | 181 | |
| 182 | + # Warn on the last attempt before the account is locked. | |
| 183 | + # config.last_attempt_warning = true | |
| 184 | + | |
| 168 | 185 | # ==> Configuration for :recoverable |
| 169 | 186 | # |
| 170 | 187 | # Defines which key will be used when recovering the password for an account |
| ... | ... | @@ -208,7 +225,7 @@ Devise.setup do |config| |
| 208 | 225 | # should add them to the navigational formats lists. |
| 209 | 226 | # |
| 210 | 227 | # The "*/*" below is required to match Internet Explorer requests. |
| 211 | - # config.navigational_formats = ["*/*", :html] | |
| 228 | + # config.navigational_formats = ['*/*', :html] | |
| 212 | 229 | |
| 213 | 230 | # The default HTTP method used to sign out a resource. Default is :delete. |
| 214 | 231 | config.sign_out_via = :delete |
| ... | ... | @@ -216,7 +233,7 @@ Devise.setup do |config| |
| 216 | 233 | # ==> OmniAuth |
| 217 | 234 | # Add a new OmniAuth provider. Check the wiki for more information on setting |
| 218 | 235 | # up on your models and hooks. |
| 219 | - # config.omniauth :github, 'APP_ID', 'APP_SECRET', :scope => 'user,public_repo' | |
| 236 | + # config.omniauth :github, 'APP_ID', 'APP_SECRET', scope: 'user,public_repo' | |
| 220 | 237 | |
| 221 | 238 | if Errbit::Config.github_authentication || Rails.env.test? |
| 222 | 239 | config.omniauth :github, |
| ... | ... | @@ -232,7 +249,7 @@ Devise.setup do |config| |
| 232 | 249 | # |
| 233 | 250 | # config.warden do |manager| |
| 234 | 251 | # manager.intercept_401 = false |
| 235 | - # manager.default_strategies(:scope => :user).unshift :some_external_strategy | |
| 252 | + # manager.default_strategies(scope: :user).unshift :some_external_strategy | |
| 236 | 253 | # end |
| 237 | 254 | |
| 238 | 255 | # ==> Mountable engine configurations |
| ... | ... | @@ -240,12 +257,12 @@ Devise.setup do |config| |
| 240 | 257 | # is mountable, there are some extra configurations to be taken into account. |
| 241 | 258 | # The following options are available, assuming the engine is mounted as: |
| 242 | 259 | # |
| 243 | - # mount MyEngine, at: "/my_engine" | |
| 260 | + # mount MyEngine, at: '/my_engine' | |
| 244 | 261 | # |
| 245 | 262 | # The router that invoked `devise_for`, in the example above, would be: |
| 246 | 263 | # config.router_name = :my_engine |
| 247 | 264 | # |
| 248 | 265 | # When using omniauth, Devise cannot automatically set Omniauth path, |
| 249 | 266 | # so you need to do it manually. For the users scope, it would be: |
| 250 | - # config.omniauth_path_prefix = "/my_engine/users/auth" | |
| 267 | + # config.omniauth_path_prefix = '/my_engine/users/auth' | |
| 251 | 268 | end | ... | ... |
config/initializers/inflections.rb
| 1 | 1 | # Be sure to restart your server when you modify this file. |
| 2 | 2 | |
| 3 | -# Add new inflection rules using the following format | |
| 4 | -# (all these examples are active by default): | |
| 5 | -# ActiveSupport::Inflector.inflections do |inflect| | |
| 3 | +# Add new inflection rules using the following format. Inflections | |
| 4 | +# are locale specific, and you may define rules for as many different | |
| 5 | +# locales as you wish. All of these examples are active by default: | |
| 6 | +# ActiveSupport::Inflector.inflections(:en) do |inflect| | |
| 6 | 7 | # inflect.plural /^(ox)$/i, '\1en' |
| 7 | 8 | # inflect.singular /^(ox)en/i, '\1' |
| 8 | 9 | # inflect.irregular 'person', 'people' |
| 9 | 10 | # inflect.uncountable %w( fish sheep ) |
| 10 | 11 | # end |
| 11 | 12 | |
| 13 | +# These inflection rules are supported but not enabled by default: | |
| 14 | +# ActiveSupport::Inflector.inflections(:en) do |inflect| | |
| 15 | +# inflect.acronym 'RESTful' | |
| 16 | +# end | ... | ... |
config/initializers/mime_types.rb
config/initializers/secret_token.rb
| ... | ... | @@ -1,35 +0,0 @@ |
| 1 | -# Be sure to restart your server when you modify this file. | |
| 2 | - | |
| 3 | -# Your secret key for verifying the integrity of signed cookies. | |
| 4 | -# If you change this key, all old signed cookies will become invalid! | |
| 5 | -# Make sure the secret is at least 30 characters and all random, | |
| 6 | -# no regular words or you'll be exposed to dictionary attacks. | |
| 7 | - | |
| 8 | -# Everyone can share the same token for development/test | |
| 9 | -if ENV['SECRET_TOKEN'].present? | |
| 10 | - Errbit::Application.config.secret_token = ENV['SECRET_TOKEN'] | |
| 11 | - | |
| 12 | - # Do not raise an error if secret token is not available during assets precompilation | |
| 13 | -elsif %w(development test).include?(Rails.env) || ENV['RAILS_GROUPS'] == 'assets' | |
| 14 | - Errbit::Application.config.secret_token = 'f258ed69266dc8ad0ca79363c3d2f945c388a9c5920fc9a1ae99a98fbb619f135001c6434849b625884a9405a60cd3d50fc3e3b07ecd38cbed7406a4fccdb59c' | |
| 15 | -elsif !Errbit::Application.config.secret_token | |
| 16 | - raise <<-ERROR | |
| 17 | - | |
| 18 | - You must generate a unique secret token for your Errbit instance. | |
| 19 | - | |
| 20 | - If you are deploying via capistrano, please ensure that your `config/deploy.rb` contains | |
| 21 | - the new `errbit:setup_configs` and `errbit:symlink_configs` tasks from `config/deploy.example.rb`. | |
| 22 | - Next time you deploy, your secret token will be automatically generated. | |
| 23 | - | |
| 24 | - If you are deploying to Heroku, please run the following command to set your secret token: | |
| 25 | - heroku config:add SECRET_TOKEN="$(bundle exec rake secret)" | |
| 26 | - | |
| 27 | - If you are deploying in some other way, please run the following command to generate a new secret token, | |
| 28 | - and commit the new `config/initializers/__secret_token.rb`: | |
| 29 | - | |
| 30 | - echo "Errbit::Application.config.secret_token = '$(bundle exec rake secret)'" > config/initializers/__secret_token.rb | |
| 31 | - | |
| 32 | - ERROR | |
| 33 | -end | |
| 34 | - | |
| 35 | -Devise.secret_key = Errbit::Application.config.secret_token |
config/initializers/session_store.rb
| 1 | 1 | # Be sure to restart your server when you modify this file. |
| 2 | 2 | |
| 3 | -Errbit::Application.config.session_store :cookie_store, :key => '_errbit_session' | |
| 3 | +Rails.application.config.session_store :cookie_store, key: '_errbit_session' | |
| 4 | 4 | |
| 5 | 5 | # Use the database for sessions instead of the cookie-based default, |
| 6 | 6 | # which shouldn't be used to store highly confidential information |
| 7 | 7 | # (create the session table with "rake db:sessions:create") |
| 8 | -# Errbit::Application.config.session_store :active_record_store | |
| 9 | - | |
| 8 | +# Rails.application.config.session_store :active_record_store | ... | ... |
config/initializers/ssl_enforcer.rb
| ... | ... | @@ -2,7 +2,7 @@ |
| 2 | 2 | if Errbit::Config.enforce_ssl |
| 3 | 3 | require 'rack/ssl-enforcer' |
| 4 | 4 | ActionMailer::Base.default_url_options.merge!(:protocol => 'https://') |
| 5 | - Errbit::Application.configure do | |
| 5 | + Rails.application.configure do | |
| 6 | 6 | config.middleware.use Rack::SslEnforcer, :except => /^\/deploys/ |
| 7 | 7 | end |
| 8 | 8 | end | ... | ... |
| ... | ... | @@ -0,0 +1,14 @@ |
| 1 | +# Be sure to restart your server when you modify this file. | |
| 2 | + | |
| 3 | +# This file contains settings for ActionController::ParamsWrapper which | |
| 4 | +# is enabled by default. | |
| 5 | + | |
| 6 | +# Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array. | |
| 7 | +ActiveSupport.on_load(:action_controller) do | |
| 8 | + wrap_parameters format: [:json] if respond_to?(:wrap_parameters) | |
| 9 | +end | |
| 10 | + | |
| 11 | +# To enable root element in JSON for ActiveRecord objects. | |
| 12 | +# ActiveSupport.on_load(:active_record) do | |
| 13 | +# self.include_root_in_json = true | |
| 14 | +# end | ... | ... |
config/routes.rb
| ... | ... | @@ -0,0 +1,22 @@ |
| 1 | +# Be sure to restart your server when you modify this file. | |
| 2 | + | |
| 3 | +# Your secret key is used for verifying the integrity of signed cookies. | |
| 4 | +# If you change this key, all old signed cookies will become invalid! | |
| 5 | + | |
| 6 | +# Make sure the secret is at least 30 characters and all random, | |
| 7 | +# no regular words or you'll be exposed to dictionary attacks. | |
| 8 | +# You can use `rake secret` to generate a secure secret key. | |
| 9 | + | |
| 10 | +# Make sure the secrets in this file are kept private | |
| 11 | +# if you're sharing your code publicly. | |
| 12 | + | |
| 13 | +development: | |
| 14 | + secret_key_base: f258ed69266dc8ad0ca79363c3d2f945c388a9c5920fc9a1ae99a98fbb619f135001c6434849b625884a9405a60cd3d50fc3e3b07ecd38cbed7406a4fccdb59c | |
| 15 | + | |
| 16 | +test: | |
| 17 | + secret_key_base: f258ed69266dc8ad0ca79363c3d2f945c388a9c5920fc9a1ae99a98fbb619f135001c6434849b625884a9405a60cd3d50fc3e3b07ecd38cbed7406a4fccdb59c | |
| 18 | + | |
| 19 | +# Do not keep production secrets in the repository, | |
| 20 | +# instead read values from the environment. | |
| 21 | +production: | |
| 22 | + secret_key_base: <%= ENV["SECRET_KEY_BASE"] %> | ... | ... |