jro_apps/redmine Commit - r3671:69d9600f48d8

1

desc 'Generates a configuration file for cookie store sessions.'

1

desc 'Generates a configuration file for cookie store sessions.'

2

3

file 'config/initializers/session_store.rb' do

3

file 'config/initializers/session_store.rb' do

4

path = File.join(RAILS_ROOT, 'config', 'initializers', 'session_store.rb')

4

path = File.join(RAILS_ROOT, 'config', 'initializers', 'session_store.rb')

5

secret = ActiveSupport::SecureRandom.hex(40)

5

secret = ActiveSupport::SecureRandom.hex(40)

6

File.open(path, 'w') do |f|

6

File.open(path, 'w') do |f|

7

f.write <<"EOF"

7

f.write <<"EOF"

8

# This file was generated by 'rake config/initializers/session_store.rb',

8

# This file was generated by 'rake config/initializers/session_store.rb',

9

# and should not be made visible to public.

9

# and should not be made visible to public.

10

# If you have a load-balancing Redmine cluster, you will need to use the

10

# If you have a load-balancing Redmine cluster, you will need to use the

11

# same version of this file on each machine. And be sure to restart your

11

# same version of this file on each machine. And be sure to restart your

12

# server when you modify this file.

12

# server when you modify this file.

13

14

# Your secret key for verifying cookie session data integrity. If you

14

# Your secret key for verifying cookie session data integrity. If you

15

# change this key, all old sessions will become invalid! Make sure the

15

# change this key, all old sessions will become invalid! Make sure the

16

# secret is at least 30 characters and all random, no regular words or

16

# secret is at least 30 characters and all random, no regular words or

17

# you'll be exposed to dictionary attacks.

17

# you'll be exposed to dictionary attacks.

18

ActionController::Base.session = {

18

ActionController::Base.session = {

19

:session_key => '_redmine_session',

19

:session_key => '_redmine_session',

20

#

21

# Uncomment and edit the :session_path below if are hosting your Redmine

22

# at a suburi and don't want the top level path to access the cookies

23

#

24

# See: http://www.redmine.org/issues/3968

25

#

26

# :session_path => '/url_path_to/your/redmine/',

20

:secret => '#{secret}'

27

:secret => '#{secret}'

21

}

28

}

22

EOF

29

EOF

23

end

30

end

24

end

31

end

25

32

26

desc 'Generates a configuration file for cookie store sessions.'

33

desc 'Generates a configuration file for cookie store sessions.'

27

task :generate_session_store => ['config/initializers/session_store.rb']

34

task :generate_session_store => ['config/initializers/session_store.rb']

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

             desc 'Generates a configuration file for cookie store sessions.'
             file 'config/initializers/session_store.rb' do
               path = File.join(RAILS_ROOT, 'config', 'initializers', 'session_store.rb')
               secret = ActiveSupport::SecureRandom.hex(40)
               File.open(path, 'w') do |f|
                 f.write <<"EOF"
             # This file was generated by 'rake config/initializers/session_store.rb',
             # and should not be made visible to public.
             # If you have a load-balancing Redmine cluster, you will need to use the
             # same version of this file on each machine. And be sure to restart your
             # server when you modify this file.
             # Your secret key for verifying cookie session data integrity. If you
             # change this key, all old sessions will become invalid! Make sure the
             # secret is at least 30 characters and all random, no regular words or
             # you'll be exposed to dictionary attacks.
             ActionController::Base.session = {
               :session_key => '_redmine_session',
+              #
+              # Uncomment and edit the :session_path below if are hosting your Redmine
+              # at a suburi and don't want the top level path to access the cookies
+              #
+              # See: http://www.redmine.org/issues/3968
+              #
+              # :session_path => '/url_path_to/your/redmine/',
               :secret => '#{secret}'
             }
             EOF
               end
             end
             desc 'Generates a configuration file for cookie store sessions.'
             task :generate_session_store => ['config/initializers/session_store.rb']