Reputation: 3802
Rails: DEPRECATION WARNING: You didn't set config.secret_key_base
I receive this warning when running my specs. Is there a best practice for generating a secret_key_base, or will any string suffice (with regard to security concerns)?
Upvotes: 49
Views: 27669
Answers (5)
Reputation: 29028
Had this same issue when working on a Rails 4 application that was upgraded to Rails 5.
All I had to do was run the command below to generate a secret key:
bundle exec rake secret
And then I added the secret key to the config/secret.yml file:
development:
secret_key_base: 21bc6137d0496a2a11f4459a7c7deb4f782d223d41ee328934b2fe7a405a42ec63eb3829db67f0ec6a759e134ba0bb15dc2d01168b64d83efcf8d42b403ac8bd
Upvotes: 0
Reputation: 33646
You propably upgraded to Rails 4 from a 3.x or a previous version.
First generate a random secret key value:
$ bundle exec rake secret
Then take that value and put it in config/initializers/secret_token.rb:
YourApp::Application.config.secret_key_base = 'your-secret'
replacing YourApp with the name of your application.
The reason for this is explained here.
Also see http://guides.rubyonrails.org/upgrading_ruby_on_rails.html#config-secrets-yml
Upvotes: 101
Reputation: 2228
As of 4.1, you need to use the config/secrets.yml file. This is discussed in http://guides.rubyonrails.org/upgrading_ruby_on_rails.html#config-secrets-yml .
Upvotes: 6
Reputation: 33
If you are a total noob like me, remember to put the secret_key_base = 'whatever' inside single quotes. Just a copy and paste without quotes will throw an error :
C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/activesupport-4.0.8/lib/act ive_support/dependencies.rb:223:in `load': C:/Users/Jeff C/documents/rails_proje cts/first_app/config/initializers/secret_token.rb:1: syntax error, unexpected tI DENTIFIER, expecting $end (SyntaxError)
Upvotes: 2
Reputation: 41
You simply need to create a secret_token.rb file in the config/initializers directory.
Contents of the file below:
YourAppNameHere::Application.config.secret_key_base = #type the key you generated with rake secret here
then save the file
close your server:
ctrl c
restart it: rails s
You'll now see the basic rails app page you saw in the last chapter (If you're working through Hartl's tutorial)
Upvotes: 4
Related Questions
- Missing production secret_key_base in rails
- How to solve error "Missing `secret_key_base` for 'production' environment" (Rails 4.1)
- Missing `secret_token` and `secret_key_base` for 'development' environment, set these values in `config/secrets.yml`
- Rails: Unable to use new `config/secrets.yml`
- Rails missing SECRET_KEY_BASE in production
- RubyonRails- You must set config.secret_key_base in your app's config
- Rails doesn't pick up SECRET_KEY_BASE environment variable
- Missing secret_key_base in rails production
- Missing secret_key_base for production environment - hosting a rails 4.1.4 app on heroku
- Rails4 Deprecation Warning