How to disable secret_token in Rails 3?
Posted
by
Damian Nowak
on Stack Overflow
See other posts from Stack Overflow
or by Damian Nowak
Published on 2013-11-13T14:46:44Z
Indexed on
2013/11/13
15:54 UTC
Read the original article
Hit count: 312
ruby-on-rails
|ruby-on-rails-3
I have several separate Rails 2 applications which share the same cookie. I upgraded one the applications to Rails 3.2.15 now. Mandatory secret_token in Rails 3 makes it impossible to share the session with the Rails 2 apps.
I am storing the session in Redis. What the visitor only gets in the cookie is a session ID. There's no need to encrypt it.
Therefore, how to disable secret_token in Rails 3?
A secret is required to generate an integrity hash for cookie session data. Use config.secret_token = "some secret phrase of at least 30 characters"in config/initializers/secret_token.rb
© Stack Overflow or respective owner