summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAzul <azul@leap.se>2013-03-15 11:33:21 +0100
committerAzul <azul@leap.se>2013-03-15 11:33:21 +0100
commit1eab831d706720777921bb429f97a72721d049f6 (patch)
treec17ae2f24398147e465ab7791c1044a4d30af41a
parent869ba2f363a48d0f76321efc08a228f54aeb6758 (diff)
fetch secret token for signing cookies from config
-rw-r--r--config/defaults.yml2
-rw-r--r--config/initializers/secret_token.rb7
2 files changed, 8 insertions, 1 deletions
diff --git a/config/defaults.yml b/config/defaults.yml
index cca827a..f3b92c0 100644
--- a/config/defaults.yml
+++ b/config/defaults.yml
@@ -18,12 +18,14 @@ development:
<<: *cert_options
admins: [admin, admin2]
domain: develop.me
+ secret_token: '550df064dbc5052d9e192b324c1c5a1095c85a2195f88bd6f6829c63b74d8dffa4556494a2e8cc44345a1926be8b6cb17aa4b3f3102d826f5679c3fb57bb7100'
test:
<<: *dev_ca
<<: *cert_options
admins: [admin, admin2]
domain: test.me
+ secret_token: '550df064dbc5052d9e192b324c1c5a1095c85a2195f88bd6f6829c63b74d8dffa4556494a2e8cc44345a1926be8b6cb17aa4b3f3102d826f5679c3fb57bb7100'
production:
<<: *cert_options
diff --git a/config/initializers/secret_token.rb b/config/initializers/secret_token.rb
index 23c1aac..c4e1e6d 100644
--- a/config/initializers/secret_token.rb
+++ b/config/initializers/secret_token.rb
@@ -4,4 +4,9 @@
# If you change this key, all old signed cookies will become invalid!
# Make sure the secret is at least 30 characters and all random,
# no regular words or you'll be exposed to dictionary attacks.
-LeapWeb::Application.config.secret_token = '550df064dbc5052d9e192b324c1c5a1095c85a2195f88bd6f6829c63b74d8dffa4556494a2e8cc44345a1926be8b6cb17aa4b3f3102d826f5679c3fb57bb7100'
+
+if token = APP_CONFIG['secret_token']
+ LeapWeb::Application.config.secret_token = token
+else
+ raise StandartError.new("No secret_token defined in config/config.yml - please provide one.")
+end