method

encrypted

v6.0.0 - Show latest stable - Class: Rails::Application

encrypted(path, key_path: "config/master.key", env_key: "RAILS_MASTER_KEY")

public

Shorthand to decrypt any encrypted configurations or files.

For any file added with rails encrypted:edit call read to decrypt the file with the master key. The master key is either stored in config/master.key or ENV["RAILS_MASTER_KEY"].

Rails.application.encrypted("config/mystery_man.txt.enc").read
# => "We've met before, haven't we?"

It’s also possible to interpret encrypted YAML files with config.

Rails.application.encrypted("config/credentials.yml.enc").config
# => { next_guys_line: "I don't think so. Where was it you think we met?" }

Any top-level configs are also accessible directly on the return value:

Rails.application.encrypted("config/credentials.yml.enc").next_guys_line
# => "I don't think so. Where was it you think we met?"

The files or configs can also be encrypted with a custom key. To decrypt with a key in the ENV, use:

Rails.application.encrypted("config/special_tokens.yml.enc", env_key: "SPECIAL_TOKENS")

Or to decrypt with a file, that should be version control ignored, relative to Rails.root:

Rails.application.encrypted("config/special_tokens.yml.enc", key_path: "config/special_tokens.key")

# File railties/lib/rails/application.rb, line 467
    def encrypted(path, key_path: "config/master.key", env_key: "RAILS_MASTER_KEY")
      ActiveSupport::EncryptedConfiguration.new(
        config_path: Rails.root.join(path),
        key_path: Rails.root.join(key_path),
        env_key: env_key,
        raise_if_missing_key: config.require_master_key
      )
    end

encrypted

Related methods