Download as
Browse Code »

Commit 4fca4d2b45787295574079209014f2d31fba7ca7

Authored by Braulio Bhavamitra
1 parent 8ca818fa
Exists in master and in 20 other branches add_member_task_reject_details, admin_visible_profile, community_notifications, fix_comments_pagination, fix_rails4_organization_ratings, fix_sign_up_form, follow_step_fix, forum_topic_creation, mirror_block_improvements, multi_env_on_remote_user, new_security, organization_ratings_improvements, profile_api_improvements, ratings_minor_fixes, send_email_to_admins, stable-spb-1.4, stable-spb-1.5, suggest_rejected_value, web_steps_improvements, xss_terminate_custom_options

rails4: use secret_key_base

Showing 3 changed files with 20 additions and 20 deletions   Show diff stats
config/application.rb
  Diff comments   View file @4fca4d2
... ... @@ -107,26 +107,9 @@ module Noosfero
107 107 config.sass.cache = true
108 108 config.sass.line_comments = false
109 109  
110   - def noosfero_session_secret
111   - require 'fileutils'
112   - target_dir = File.join(File.dirname(__FILE__), '../tmp')
113   - FileUtils.mkdir_p(target_dir)
114   - file = File.join(target_dir, 'session.secret')
115   - if !File.exists?(file)
116   - secret = (1..128).map { %w[0 1 2 3 4 5 6 7 8 9 a b c d e f][rand(16)] }.join('')
117   - File.open(file, 'w') do |f|
118   - f.puts secret
119   - end
120   - end
121   - File.read(file).strip
122   - end
123   -
124   - # Your secret key for verifying cookie session data integrity.
125   - # If you change this key, all old sessions will become invalid!
126   - # Make sure the secret is at least 30 characters and all random,
127   - # no regular words or you'll be exposed to dictionary attacks.
128   - config.secret_token = noosfero_session_secret
129   - config.session_store :cookie_store, :key => '_noosfero_session'
  110 + config.action_dispatch.session = {
  111 + :key => '_noosfero_session',
  112 + }
130 113  
131 114 config.paths['db/migrate'] += Dir.glob "#{Rails.root}/{baseplugins,config/plugins}/*/db/migrate"
132 115 config.i18n.load_path += Dir.glob "#{Rails.root}/{baseplugins,config/plugins}/*/locales/*.{rb,yml}"
... ...
config/initializers/secret_token.rb 0 → 100644
  Diff comments   View file @4fca4d2
... ... @@ -0,0 +1,3 @@
  1 +Noosfero::Application.config.secret_token = Noosfero.session_secret
  2 +Noosfero::Application.config.secret_key_base = Noosfero.session_secret
  3 +
... ...
lib/noosfero.rb
  Diff comments   View file @4fca4d2
... ... @@ -51,6 +51,20 @@ module Noosfero
51 51 yield
52 52 FastGettext.set_locale(orig_locale)
53 53 end
  54 +
  55 + def session_secret
  56 + require 'fileutils'
  57 + target_dir = File.join(File.dirname(__FILE__), '../tmp')
  58 + FileUtils.mkdir_p(target_dir)
  59 + file = File.join(target_dir, 'session.secret')
  60 + if !File.exists?(file)
  61 + secret = (1..128).map { %w[0 1 2 3 4 5 6 7 8 9 a b c d e f][rand(16)] }.join('')
  62 + File.open(file, 'w') do |f|
  63 + f.puts secret
  64 + end
  65 + end
  66 + File.read(file).strip
  67 + end
54 68 end
55 69  
56 70 def self.identifier_format
... ...