2009-02-21 14:04:50 +03:00
|
|
|
desc 'Generates a configuration file for cookie store sessions.'
|
|
|
|
|
|
|
|
file 'config/initializers/session_store.rb' do
|
|
|
|
path = File.join(RAILS_ROOT, 'config', 'initializers', 'session_store.rb')
|
|
|
|
secret = ActiveSupport::SecureRandom.hex(40)
|
|
|
|
File.open(path, 'w') do |f|
|
|
|
|
f.write <<"EOF"
|
|
|
|
# This file was generated by 'rake config/initializers/session_store.rb',
|
|
|
|
# and should not be made visible to public.
|
|
|
|
# If you have a load-balancing Redmine cluster, you will need to use the
|
|
|
|
# same version of this file on each machine. And be sure to restart your
|
|
|
|
# server when you modify this file.
|
|
|
|
|
|
|
|
# Your secret key for verifying cookie session data integrity. If you
|
|
|
|
# change this key, all old sessions will become invalid! Make sure the
|
|
|
|
# secret is at least 30 characters and all random, no regular words or
|
|
|
|
# you'll be exposed to dictionary attacks.
|
|
|
|
ActionController::Base.session = {
|
|
|
|
:session_key => '_redmine_session',
|
2010-06-20 00:04:47 +04:00
|
|
|
#
|
|
|
|
# Uncomment and edit the :session_path below if are hosting your Redmine
|
|
|
|
# at a suburi and don't want the top level path to access the cookies
|
|
|
|
#
|
|
|
|
# See: http://www.redmine.org/issues/3968
|
|
|
|
#
|
|
|
|
# :session_path => '/url_path_to/your/redmine/',
|
2009-02-21 14:04:50 +03:00
|
|
|
:secret => '#{secret}'
|
|
|
|
}
|
|
|
|
EOF
|
|
|
|
end
|
|
|
|
end
|
2009-12-30 03:46:48 +03:00
|
|
|
|
|
|
|
desc 'Generates a configuration file for cookie store sessions.'
|
|
|
|
task :generate_session_store => ['config/initializers/session_store.rb']
|