fix secret_token init to always allow an override even if its too short

This commit is contained in:
Sam 2013-08-29 15:27:01 +10:00
parent 2b1a140c9b
commit aaf41d227f

View file

@ -1,10 +1,13 @@
# We have had lots of config issues with SECRET_TOKEN to avoid this mess we are moving it to redis
# if you feel strongly that it does not belong there use ENV['SECRET_TOKEN']
#
token = ENV['SECRET_TOKEN'] || $redis.get('SECRET_TOKEN')
token = ENV['SECRET_TOKEN']
unless token
token = $redis.get('SECRET_TOKEN')
unless token && token.length == 128
token = SecureRandom.hex(64)
$redis.set('SECRET_TOKEN',token)
end
end
Discourse::Application.config.secret_token = token