2013-02-05 14:16:51 -05:00
|
|
|
|
|
|
|
|
# Definitely change this when you deploy to production. Ours is replaced by jenkins.
|
2013-02-18 01:34:43 -05:00
|
|
|
# This token is used to secure sessions, we don't mind shipping with one to ease test and debug,
|
2013-02-25 11:42:20 -05:00
|
|
|
# however, the stock one should never be used in production, people will be able to crack
|
|
|
|
|
# session cookies.
|
2013-02-18 01:34:43 -05:00
|
|
|
#
|
2013-02-20 20:32:32 -05:00
|
|
|
# Generate a new secret with "rake secret". Copy the output of that command and paste it
|
|
|
|
|
# in your secret_token.rb as the value of Discourse::Application.config.secret_token:
|
|
|
|
|
#
|
2013-02-25 11:42:20 -05:00
|
|
|
# Discourse::Application.config.secret_token = "SET_SECRET_HERE"
|
2013-02-18 01:34:43 -05:00
|
|
|
|
|
|
|
|
# delete all lines below in production
|
2013-02-25 11:42:20 -05:00
|
|
|
if Rails.env.test? || Rails.env.development?
|
|
|
|
|
Discourse::Application.config.secret_token = "47f5390004bf6d25bb97083fb98e7cc133ab450ba814dd19638a78282b4ca291"
|
|
|
|
|
else
|
2013-03-01 17:55:49 -05:00
|
|
|
if Rails.env.production? && ENV['SECRET_TOKEN'].blank?
|
|
|
|
|
raise 'SECRET_TOKEN environment variable must be set!'
|
|
|
|
|
end
|
|
|
|
|
Discourse::Application.config.secret_token = ENV['SECRET_TOKEN']
|
2013-02-18 01:34:43 -05:00
|
|
|
end
|
|
|
|
|
|
