v5.2.3 - Show latest stable - 0 notes - Class: Rails::Application
secret_key_base() public

The secret_key_base is used as the input secret to the application’s key generator, which in turn is used to create all MessageVerifiers/MessageEncryptors, including the ones that sign and encrypt cookies.

In test and development, this is simply derived as a MD5 hash of the application’s name.

In all other environments, we look for it first in ENV[“SECRET_KEY_BASE”], then credentials.secret_key_base, and finally secrets.secret_key_base. For most applications, the correct place to store it is in the encrypted credentials file.

Show source
Register or log in to add new notes.