How to disable secret_token in Rails 3?

Posted by Damian Nowak on Stack Overflow See other posts from Stack Overflow or by Damian Nowak
Published on 2013-11-13T14:46:44Z Indexed on 2013/11/13 15:54 UTC
Read the original article Hit count: 312

I have several separate Rails 2 applications which share the same cookie. I upgraded one the applications to Rails 3.2.15 now. Mandatory secret_token in Rails 3 makes it impossible to share the session with the Rails 2 apps.

I am storing the session in Redis. What the visitor only gets in the cookie is a session ID. There's no need to encrypt it.

Therefore, how to disable secret_token in Rails 3?

A secret is required to generate an integrity hash for cookie session data. Use config.secret_token = "some secret phrase of at least 30 characters"in config/initializers/secret_token.rb

© Stack Overflow or respective owner

Related posts about ruby-on-rails

Related posts about ruby-on-rails-3