config: auto generate secret key if none given.

Automatically generate a random secret key for `Danbooru.config.secret_key_base` if no key is specified. This so that you can run Danbooru in a Docker container with zero configuration. This removes support for the ~/.danbooru/secret_token file and the SECRET_TOKEN environment variable. If you used either one of these, you must copy the value either to DANBOORU_SECRET_KEY_BASE in .env.local, or to `secret_key_base` in config/danbooru_local_config.rb. # .env.local DANBOORU_SECRET_KEY_BASE=<value> # config/danbooru_local_config.rb def secret_key_base # <value> end
2021-03-23 02:51:31 -05:00
parent 189adc683f
commit 1a8c70f5ff
4 changed files with 13 additions and 16 deletions
--- a/config/danbooru_default_config.rb
+++ b/config/danbooru_default_config.rb
@@ -1,13 +1,20 @@
 module Danbooru
  class Configuration
-    # A secret key used to encrypt session cookies, among other things. If this
-    # token is changed, existing login sessions will become invalid. If this
-    # token is stolen, attackers will be able to forge session cookies and
-    # login as any user.
+    # A secret key used to encrypt session cookies, among other things.
    #
-    # Must be specified. Use `rake secret` to generate a random secret token.
+    # If this key is changed, existing login sessions will become invalid and
+    # all users will be logged out.
+    #
+    # If this key is stolen, attackers will be able to forge session cookies
+    # and login as any user.
+    #
+    # Must be specified. If this is not specified, then a new secret key will
+    # generated every time the server starts, which will log out all users on
+    # every restart.
+    #
+    # Use `rake secret` to generate a random secret key.
    def secret_key_base
-      ENV["SECRET_TOKEN"].presence || File.read(File.expand_path("~/.danbooru/secret_token"))
+      SecureRandom.uuid
    end

    # The name of this Danbooru.