##// END OF EJS Templates
jro_apps » redmine
RSS
Replaced SessionStore :session_key with :key (#6887)....
Jean-Philippe Lang -
r4291:c4a218358f49
parent child
Show More
Side by Side Unified
Context file:
r4291:c4a218358f49 Loading diff...:
Show file before | Show file after | Hide comments
@@ -1,29 +1,29
1 # Settings specified here will take precedence over those in config/environment.rb
1 # Settings specified here will take precedence over those in config/environment.rb
2
2
3 # The test environment is used exclusively to run your application's
3 # The test environment is used exclusively to run your application's
4 # test suite. You never need to work with it otherwise. Remember that
4 # test suite. You never need to work with it otherwise. Remember that
5 # your test database is "scratch space" for the test suite and is wiped
5 # your test database is "scratch space" for the test suite and is wiped
6 # and recreated between test runs. Don't rely on the data there!
6 # and recreated between test runs. Don't rely on the data there!
7 config.cache_classes = true
7 config.cache_classes = true
8
8
9 # Log error messages when you accidentally call methods on nil.
9 # Log error messages when you accidentally call methods on nil.
10 config.whiny_nils = true
10 config.whiny_nils = true
11
11
12 # Show full error reports and disable caching
12 # Show full error reports and disable caching
13 config.action_controller.consider_all_requests_local = true
13 config.action_controller.consider_all_requests_local = true
14 config.action_controller.perform_caching = false
14 config.action_controller.perform_caching = false
15
15
16 config.action_mailer.perform_deliveries = true
16 config.action_mailer.perform_deliveries = true
17 config.action_mailer.delivery_method = :test
17 config.action_mailer.delivery_method = :test
18
18
19 config.action_controller.session = {
19 config.action_controller.session = {
20 :session_key => "_test_session",
20 :key => "_test_session",
21 :secret => "some secret phrase for the tests."
21 :secret => "some secret phrase for the tests."
22 }
22 }
23
23
24 # Skip protect_from_forgery in requests http://m.onkey.org/2007/9/28/csrf-protection-for-your-existing-rails-application
24 # Skip protect_from_forgery in requests http://m.onkey.org/2007/9/28/csrf-protection-for-your-existing-rails-application
25 config.action_controller.allow_forgery_protection = false
25 config.action_controller.allow_forgery_protection = false
26
26
27 config.gem "shoulda", :version => "~> 2.10.3"
27 config.gem "shoulda", :version => "~> 2.10.3"
28 config.gem "edavis10-object_daddy", :lib => "object_daddy"
28 config.gem "edavis10-object_daddy", :lib => "object_daddy"
29 config.gem "mocha"
29 config.gem "mocha"
Show file before | Show file after | Hide comments
@@ -1,34 +1,34
1 desc 'Generates a configuration file for cookie store sessions.'
1 desc 'Generates a configuration file for cookie store sessions.'
2
2
3 file 'config/initializers/session_store.rb' do
3 file 'config/initializers/session_store.rb' do
4 path = File.join(RAILS_ROOT, 'config', 'initializers', 'session_store.rb')
4 path = File.join(RAILS_ROOT, 'config', 'initializers', 'session_store.rb')
5 secret = ActiveSupport::SecureRandom.hex(40)
5 secret = ActiveSupport::SecureRandom.hex(40)
6 File.open(path, 'w') do |f|
6 File.open(path, 'w') do |f|
7 f.write <<"EOF"
7 f.write <<"EOF"
8 # This file was generated by 'rake config/initializers/session_store.rb',
8 # This file was generated by 'rake config/initializers/session_store.rb',
9 # and should not be made visible to public.
9 # and should not be made visible to public.
10 # If you have a load-balancing Redmine cluster, you will need to use the
10 # If you have a load-balancing Redmine cluster, you will need to use the
11 # same version of this file on each machine. And be sure to restart your
11 # same version of this file on each machine. And be sure to restart your
12 # server when you modify this file.
12 # server when you modify this file.
13
13
14 # Your secret key for verifying cookie session data integrity. If you
14 # Your secret key for verifying cookie session data integrity. If you
15 # change this key, all old sessions will become invalid! Make sure the
15 # change this key, all old sessions will become invalid! Make sure the
16 # secret is at least 30 characters and all random, no regular words or
16 # secret is at least 30 characters and all random, no regular words or
17 # you'll be exposed to dictionary attacks.
17 # you'll be exposed to dictionary attacks.
18 ActionController::Base.session = {
18 ActionController::Base.session = {
19 :session_key => '_redmine_session',
19 :key => '_redmine_session',
20 #
20 #
21 # Uncomment and edit the :session_path below if are hosting your Redmine
21 # Uncomment and edit the :session_path below if are hosting your Redmine
22 # at a suburi and don't want the top level path to access the cookies
22 # at a suburi and don't want the top level path to access the cookies
23 #
23 #
24 # See: http://www.redmine.org/issues/3968
24 # See: http://www.redmine.org/issues/3968
25 #
25 #
26 # :session_path => '/url_path_to/your/redmine/',
26 # :session_path => '/url_path_to/your/redmine/',
27 :secret => '#{secret}'
27 :secret => '#{secret}'
28 }
28 }
29 EOF
29 EOF
30 end
30 end
31 end
31 end
32
32
33 desc 'Generates a configuration file for cookie store sessions.'
33 desc 'Generates a configuration file for cookie store sessions.'
34 task :generate_session_store => ['config/initializers/session_store.rb']
34 task :generate_session_store => ['config/initializers/session_store.rb']
General Comments 0
You need to be logged in to leave comments. Login now