diff options
Diffstat (limited to 'lib/tasks/initializers.rake')
| -rw-r--r-- | lib/tasks/initializers.rake | 30 |
1 files changed, 10 insertions, 20 deletions
diff --git a/lib/tasks/initializers.rake b/lib/tasks/initializers.rake index a80bd1d1b..c1fdc7bf5 100644 --- a/lib/tasks/initializers.rake +++ b/lib/tasks/initializers.rake @@ -1,34 +1,24 @@ -desc 'Generates a configuration file for cookie store sessions.' +desc 'Generates a secret token for the application.' -file 'config/initializers/session_store.rb' do - path = File.join(Rails.root, 'config', 'initializers', 'session_store.rb') - secret = ActiveSupport::SecureRandom.hex(40) +file 'config/initializers/secret_token.rb' do + path = File.join(Rails.root, 'config', 'initializers', 'secret_token.rb') + secret = SecureRandom.hex(40) File.open(path, 'w') do |f| f.write <<"EOF" -# This file was generated by 'rake config/initializers/session_store.rb', -# and should not be made visible to public. +# This file was generated by 'rake generate_secret_token', and should +# not be made visible to public. # If you have a load-balancing Redmine cluster, you will need to use the # same version of this file on each machine. And be sure to restart your # server when you modify this file. - +# # Your secret key for verifying cookie session data integrity. If you # change this key, all old sessions will become invalid! Make sure the # secret is at least 30 characters and all random, no regular words or # you'll be exposed to dictionary attacks. -ActionController::Base.session = { - :key => '_redmine_session', - # - # Uncomment and edit the :session_path below if are hosting your Redmine - # at a suburi and don't want the top level path to access the cookies - # - # See: http://www.redmine.org/issues/3968 - # - # :session_path => '/url_path_to/your/redmine/', - :secret => '#{secret}' -} +RedmineApp::Application.config.secret_token = '#{secret}' EOF end end -desc 'Generates a configuration file for cookie store sessions.' -task :generate_session_store => ['config/initializers/session_store.rb'] +desc 'Generates a secret token for the application.' +task :generate_secret_token => ['config/initializers/secret_token.rb'] |