l9i7hw
Last Updated: February 25, 2016
·
924
· jan0sch
2aaae7041aca85da930bcaf14d6768d2

Rails session secret should not be in a public repository

You can move the rails session secret to an environment variable by modifying config/initializers/secret_token.rb like this:

MyApp::Application.config.secret_token = ENV['RAILS_SESSION_SECRET']

Given that you have the pwgen utility installed you can start your rails server in your development environment this way:

% RAILS_SESSION_SECRET=`pwgen -cns 128` rails server
Say Thanks
Respond