v6.1.7.7 - Show latest stable - 0 notes - Class: Rails::Application
secret_key_base() public

The secret_key_base is used as the input secret to the application’s key generator, which in turn is used to create all MessageVerifiers/MessageEncryptors, including the ones that sign and encrypt cookies.

In development and test, this is randomly generated and stored in a temporary file in tmp/development_secret.txt.

In all other environments, we look for it first in ENV[“SECRET_KEY_BASE”], then credentials.secret_key_base, and finally secrets.secret_key_base. For most applications, the correct place to store it is in the encrypted credentials file.

Show source
Register or log in to add new notes.