Using Secrets.yml File In Rails 4.1+

Posted By Weston Ganger

I was running brakeman (a rails security scanner) and it was complaining about a secret_token in config/initializers/secret_token.rb. So I looked into the secrets.yml file and heres how it works.

For example I am going to show how to setup the secret_key_base.


# config/secrets.yml

production:
  secret_key_base: your_super_long_secret_key

To use this value you would use ‘Rails.application.secrets.secret_key_base’


Now to setup this value in your config/initializers/secret_token.rb:


# config/initializers/secret_token.rb.yml

YourAppName::Application.config.secret_key_base = Rails.application.secrets.secret_key_base


Related External Links:

Article Topic:Software Development - Rails

Date:May 13, 2015