Project

General

Profile

Actions

Defect #12429

closed

Incorrect location of secret_token in the error message

Added by kuolai shu over 11 years ago. Updated about 8 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Resolution:
Affected version:

Description

Incorrect location of secret_token in the error message

I am using Rails 3.2.8, postgreSQL 9.2, ruby 1.9.3, and Windows XP
I started Redmine locally alright
Chrome (my browser) displayed Internal Error when I did http://127.0.0.1:3000/
My development.log says: Use config.secret_token = "some secret phrase of at least 30 characters"in config/initializers/secret_token.rb):

I cannot find secret_token.rb under config/initializers.
I do find a config/configuration.yml has a line #secret_token: 'change it to a long random string'
Uncommenting secret_token: did get my out of the error.

Q: Is config/configuration.yml the right place to define secret_token?
Q: Where is secret_token located at when we use command like "rake generate_secret_token" as in http://railsguides.net/2012/04/28/how-to-deploy-redmine-to-heroku/

Actions #1

Updated by Jean-Philippe Lang over 11 years ago

This error message is a standard Rails error message for when running without a secret token. In Rails applications, this token is generally located config/initializers/secret_token.rb. The rake task (generate_secret_token) was added time ago in Redmine to automatically generate this file with a random token (the file does not exist by default).

I find it a bit awkward to have the configuration spread everywhere (eg. database.yml, secret_token.rb...) + the Rails syntax for setting the secret token changes sometimes and secret_token.rb has to be rewritten (this does not make Redmine upgrades straightforward at all). So I've added the ability to set it in configuration.yml, and Redmine takes care of it. So yes, config/configuration.yml is the right place to define secret_token.

Actions #2

Updated by David Gessel over 8 years ago

I'm not 100% sure I understand the concept. I tried to execute

$ bundle exec rake generate_secret_token

And got a file not found error. I searched for the file name, and finding it elsewhere, copied it to where the script seemed to expect it


cp /usr/local/lib/ruby/gems/2.1/gems/railties-3.2.22/guides/code/getting_started/config/initializers/secret_token.rb /usr/local/www/redmine/config/initializers/secret_token.rb

Awesome, generate_secret_token seems happy, but now
$ RAILS_ENV=production bundle exec rake db:migrate --trace

fails with
** Invoke db:migrate (first_time)
** Invoke environment (first_time)
** Execute environment
rake aborted!
NameError: uninitialized constant Blog
/usr/local/www/redmine/config/initializers/secret_token.rb:7:in `<top (required)>'
/usr/local/lib/ruby/gems/2.1/gems/railties-3.2.22/lib/rails/engine.rb:593:in `block (2 levels) in <class:Engine>'
/usr/local/lib/ruby/gems/2.1/gems/railties-3.2.22/lib/rails/engine.rb:592:in `each'
/usr/local/lib/ruby/gems/2.1/gems/railties-3.2.22/lib/rails/engine.rb:592:in `block in <class:Engine>'
/usr/local/lib/ruby/gems/2.1/gems/railties-3.2.22/lib/rails/initializable.rb:30:in `instance_exec'
/usr/local/lib/ruby/gems/2.1/gems/railties-3.2.22/lib/rails/initializable.rb:30:in `run'
/usr/local/lib/ruby/gems/2.1/gems/railties-3.2.22/lib/rails/initializable.rb:55:in `block in run_initializers'
/usr/local/lib/ruby/gems/2.1/gems/railties-3.2.22/lib/rails/initializable.rb:54:in `each'
/usr/local/lib/ruby/gems/2.1/gems/railties-3.2.22/lib/rails/initializable.rb:54:in `run_initializers'
/usr/local/lib/ruby/gems/2.1/gems/railties-3.2.22/lib/rails/application.rb:136:in `initialize!'
/usr/local/lib/ruby/gems/2.1/gems/railties-3.2.22/lib/rails/railtie/configurable.rb:30:in `method_missing'
/usr/local/www/redmine/config/environment.rb:14:in `<top (required)>'
/usr/local/lib/ruby/gems/2.1/gems/railties-3.2.22/lib/rails/application.rb:103:in `require_environment!'
/usr/local/lib/ruby/gems/2.1/gems/railties-3.2.22/lib/rails/application.rb:305:in `block (2 levels) in initialize_tasks'
/usr/local/lib/ruby/gems/2.1/gems/rake-10.4.2/lib/rake/task.rb:240:in `call'
/usr/local/lib/ruby/gems/2.1/gems/rake-10.4.2/lib/rake/task.rb:240:in `block in execute'
/usr/local/lib/ruby/gems/2.1/gems/rake-10.4.2/lib/rake/task.rb:235:in `each'
/usr/local/lib/ruby/gems/2.1/gems/rake-10.4.2/lib/rake/task.rb:235:in `execute'
/usr/local/lib/ruby/gems/2.1/gems/rake-10.4.2/lib/rake/task.rb:179:in `block in invoke_with_call_chain'
/usr/local/lib/ruby/2.1/monitor.rb:211:in `mon_synchronize'
/usr/local/lib/ruby/gems/2.1/gems/rake-10.4.2/lib/rake/task.rb:172:in `invoke_with_call_chain'
/usr/local/lib/ruby/gems/2.1/gems/rake-10.4.2/lib/rake/task.rb:201:in `block in invoke_prerequisites'
/usr/local/lib/ruby/gems/2.1/gems/rake-10.4.2/lib/rake/task.rb:199:in `each'
/usr/local/lib/ruby/gems/2.1/gems/rake-10.4.2/lib/rake/task.rb:199:in `invoke_prerequisites'
/usr/local/lib/ruby/gems/2.1/gems/rake-10.4.2/lib/rake/task.rb:178:in `block in invoke_with_call_chain'
/usr/local/lib/ruby/2.1/monitor.rb:211:in `mon_synchronize'
/usr/local/lib/ruby/gems/2.1/gems/rake-10.4.2/lib/rake/task.rb:172:in `invoke_with_call_chain'
/usr/local/lib/ruby/gems/2.1/gems/rake-10.4.2/lib/rake/task.rb:165:in `invoke'
/usr/local/lib/ruby/gems/2.1/gems/rake-10.4.2/lib/rake/application.rb:150:in `invoke_task'
/usr/local/lib/ruby/gems/2.1/gems/rake-10.4.2/lib/rake/application.rb:106:in `block (2 levels) in top_level'
/usr/local/lib/ruby/gems/2.1/gems/rake-10.4.2/lib/rake/application.rb:106:in `each'
/usr/local/lib/ruby/gems/2.1/gems/rake-10.4.2/lib/rake/application.rb:106:in `block in top_level'
/usr/local/lib/ruby/gems/2.1/gems/rake-10.4.2/lib/rake/application.rb:115:in `run_with_threads'
/usr/local/lib/ruby/gems/2.1/gems/rake-10.4.2/lib/rake/application.rb:100:in `top_level'
/usr/local/lib/ruby/gems/2.1/gems/rake-10.4.2/lib/rake/application.rb:78:in `block in run'
/usr/local/lib/ruby/gems/2.1/gems/rake-10.4.2/lib/rake/application.rb:176:in `standard_exception_handling'
/usr/local/lib/ruby/gems/2.1/gems/rake-10.4.2/lib/rake/application.rb:75:in `run'
/usr/local/lib/ruby/gems/2.1/gems/rake-10.4.2/bin/rake:33:in `<top (required)>'
/usr/local/bin/rake:23:in `load'
/usr/local/bin/rake:23:in `<main>'
Tasks: TOP => db:migrate => environment

I'm guessing the file should not have been copied from where it was - and perhaps it is auto-generated? Or does the current FreeBSD install miss that one file?

Actions #3

Updated by Toshi MARUYAMA about 8 years ago

  • Status changed from New to Closed

David Gessel wrote:

NameError: uninitialized constant Blog

https://github.com/rails/rails/blob/3-2-stable/railties/guides/code/getting_started/config/initializers/secret_token.rb#L7

Blog::Application.config.secret_token = ...

Actions #4

Updated by Toshi MARUYAMA about 8 years ago

David Gessel wrote:

I'm not 100% sure I understand the concept. I tried to execute

FTR: new install: RAILS_ENV=production bundle exec rake db:mig....

Actions

Also available in: Atom PDF