Today I Learned

A Hashrocket project

Generate a Rails Secret Key

Have you ever wondered about those secret keys found in config/secrets.yml of your Rails app? The comments generated in that file describe the keys as such:

‘Your secret key is used for verifying the integrity of signed cookies.’

Great… but what if they become compromised? Or we need to change them? We can generate new ones.

Rails provides rake secret for just this purpose.

The source code is here. The code simply requires SecureRandom and spits out a string. If you want to be really clever, you can pipe the string directly into your Vim buffer for the config file, with :.! rake secret.

Check out rake -T secret inside a Rails root directory for more information.

Looking for help? Hashrocket has been an industry leader in Ruby on Rails since 2008. Rails is a core skill for each developer at Hashrocket, and we'd love to take a look at your project. Contact us and find out how we can help you.