Have you ever wondered about those secret keys found in
config/secrets.yml of your Rails app? The comments generated in that file describe the keys as such:
‘Your secret key is used for verifying the integrity of signed cookies.’
Great… but what if they become compromised? Or we need to change them? We can generate new ones.
rake secret for just this purpose.
The source code is here. The code simply requires
SecureRandom and spits out a string. If you want to be really clever, you can pipe the string directly into your Vim buffer for the config file, with
:.! rake secret.
rake -T secret inside a Rails root directory for more information.