Skip to content

Commit

Permalink
Improved secret token generation
Browse files Browse the repository at this point in the history
  • Loading branch information
@ankane
ankane committed May 30, 2024
1 parent feba5a1 commit 5d7797b
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 7 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
## 2.3.0 (unreleased)

- Added support for key rotation
- Improved secret token generation

## 2.2.0 (2023-07-02)

Expand Down
12 changes: 5 additions & 7 deletions lib/ahoy_email/engine.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,12 +4,8 @@ module AhoyEmail
class Engine < ::Rails::Engine
initializer "ahoy_email" do |app|
AhoyEmail.secret_token ||= begin
# Fix for issue with Mailkick and SECRET_KEY_BASE_DUMMY with Rails 7.1
# https://github.com/ankane/mailkick/pull/74
if Rails::VERSION::STRING.to_f >= 7.1 && ENV["SECRET_KEY_BASE_DUMMY"]
# TODO use for token in 3.0
app.key_generator.generate_key("ahoy_email")
end
tokens = []
tokens << app.key_generator.generate_key("ahoy_email")

# TODO remove in 3.0
creds =
Expand All @@ -23,7 +19,9 @@ class Engine < ::Rails::Engine

token = creds.respond_to?(:secret_key_base) ? creds.secret_key_base : creds.secret_token
token ||= app.secret_key_base # should come first, but need to maintain backward compatibility
token
tokens << token

tokens
end
end
end
Expand Down

0 comments on commit 5d7797b

Please sign in to comment.