instance method secret_key_base

Ruby on Rails 7.2.3

Since v5.2.8.1

Available in: v5.2.8.1 v6.0.6 v6.1.7.10 v7.0.10 v7.1.6 v7.2.3 v8.0.4 v8.1.2

Signature

secret_key_base()

The secret_key_base is used as the input secret to the application’s key generator, which in turn is used to create all ActiveSupport::MessageVerifier and ActiveSupport::MessageEncryptor instances, including the ones that sign and encrypt cookies.

We look for it first in ENV["SECRET_KEY_BASE"], then in credentials.secret_key_base. For most applications, the correct place to store it is in the encrypted credentials file.

In development and test, if the secret_key_base is still empty, it is randomly generated and stored in a temporary file in tmp/local_secret.txt.

Generating a random secret_key_base and storing it in tmp/local_secret.txt can also be triggered by setting ENV["SECRET_KEY_BASE_DUMMY"]. This is useful when precompiling assets for production as part of a build step that otherwise does not need access to the production secrets.

Dockerfile example: RUN SECRET_KEY_BASE_DUMMY=1 bundle exec rails assets:precompile.

Source
# File railties/lib/rails/application.rb, line 472
    def secret_key_base
      config.secret_key_base
    end

Defined in railties/lib/rails/application.rb line 472 · View on GitHub · Improve this page · Find usages on GitHub

Defined in Rails::Application

Type at least 2 characters to search.

Use the arrow keys to navigate results, Enter to open one, Escape to close.

Keyboard shortcuts

/
Focus search
⌘K / Ctrl-K
Command palette
?
This help
Esc
Close