From 22b4ec2d0b4e726b5ec2bae89122d63bdbd571e0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dennis=20G=C3=BCnnewig?=
Date: Fri, 15 Sep 2017 00:12:01 +0200
Subject: [PATCH] Make SECRET_TOKEN random by default
---
 app.rb | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/app.rb b/app.rb
index a4238f301..1169a3b32 100644
--- a/app.rb
+++ b/app.rb
@@ -9,6 +9,7 @@ require "will_paginate/active_record"
 require "sprockets"
 require "sprockets-helpers"
+require "securerandom"
 require_relative "app/helpers/authentication_helpers"
 require_relative "app/repositories/user_repository"
@@ -33,7 +34,7 @@ class Stringer < Sinatra::Base
 set :root, File.dirname(__FILE__)
 enable :sessions
- set :session_secret, ENV["SECRET_TOKEN"] || "secret!"
+ set :session_secret, ENV["SECRET_TOKEN"] || SecureRandom.hex(32)
 enable :logging
 enable :method_override
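Review bot: The fallback on the `set :session_secret` line in the second hunk generates a fresh secret on every boot, so when SECRET_TOKEN is unset each restart invalidates existing sessions, and separately started processes would each sign cookies with a different key, with nothing telling the operator this is happening. An empty `SECRET_TOKEN=""` is also still accepted as the signing key, because an empty string is truthy in Ruby and never reaches the `||` fallback. I would treat blank as unset and make the fallback visible: `secret = ENV["SECRET_TOKEN"].to_s`, then `warn "SECRET_TOKEN not set; using a per-process session secret" if secret.empty?`, then `set :session_secret, secret.empty? ? SecureRandom.hex(32) : secret`. The enclosing class body starts and ends outside the hunk, so whether a production deployment should refuse to boot without the variable is a decision to confirm against the rest of the configuration.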