Reputation: 6415
I'm getting the following error in my Phoenix application:
cookie store expects conn.secret_key_base to be set
It appears to be coming from the |> redirect(to: session_path(conn, :new))
line of this authenticate function in my PostController module:
defp authenticate(conn, _opts) do
if conn.assigns.current_user do
|> put_flash(:error, "You must be signed in to post a project.")
|> redirect(to: session_path(conn, :new))
|> halt()
Obviously this error means that conn.secret_key_base needs to be set.
Where and how do I set this value?
Upvotes: 8
Views: 7060
Reputation: 84180
This should be specified by default when you create your phoenix application:
If this config is missing for you, put the following in config/config.exs
config :my_app, MyApp.Endpoint,
secret_key_base: "some_secret",
You can use the mix phx.gen.secret
task to generate the value you should use instead of "some_secret".
Upvotes: 19
Reputation: 16761
You set this in config/prod.secret.exs . Note that this shouldn't go into your version control since it is supposed to be secret.
# config/prod.secret.exs
use Mix.Config
config :trope_api, MyApp.Endpoint,
secret_key_base: "SOMEVERYLONGSTRING"
This file is included in config/prod.exs at the bottom
# config/prod.exs
# Finally import the config/prod.secret.exs
# which should be versioned separately.
import_config "prod.secret.exs"
An other approach than to just keep it out of your version control system would be to use environment variables to set it when you start your app.
You can access them in your app like this:
# config/prod.exs
# Just a test vaule for env variables
config :my_app, MyApp,
test_value: System.get_env("TESTCONFIG")
And then set them when starting your server
$ PORT=4001 MIX_ENV=prod TESTCONFIG=testvalue mix phoenix.server
If you want to use this during development as well, you could export the variables to your shell. Or just create a file named .env
(or whatever you like) in your project root and add it to your .gitignore. There you add your environment variables, like so:
export TESTCONFIG="Test Config Value"
export OTHERTESTCONFIG="Other Test Config Value"
When starting a new terminal session, just quickly run source .env
inside your project folder. This is also useful for database credentials. This way they stay out of version control and more importantly are not hardcoded. So when you work in a team, everyone can have their own .env
file with the correct values for their local development setup (db etc.)
When deploying an app into production, you can use .env
files on your server or in your container for an easier but secure start.
Upvotes: 5