From a0cf0951af31bee81d5291ca31d7daa3b04d9001 Mon Sep 17 00:00:00 2001 From: Jacques Distler Date: Mon, 24 Dec 2007 17:18:30 -0600 Subject: [PATCH] Document the Secret Key configuration a bit --- config/environment.rb | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/config/environment.rb b/config/environment.rb index f299f4fd..978f479e 100644 --- a/config/environment.rb +++ b/config/environment.rb @@ -8,7 +8,17 @@ Rails::Initializer.run do |config| generator = Rails::SecretKeyGenerator.new("Instiki") config.action_controller.session = { :session_key => "instiki_session", + ##### + ### This one generates a secret key automatically at launch. + ### advantage: secure, no configuration necessary + ### disadvantage: restart the server, and all existing + ### session keys become invalid. :secret => generator.generate_secret + ### + ### Alternatively, you can set your own unchanging secret key + ### by editing and then uncommenting the following line, instead: + # : secret => "a_very_long_string_of_random_letter_and_numbers" + ##### } # Skip frameworks you're not going to use