discourse/config/initializers/100-secret_token.rb

# frozen_string_literal: true

# Not fussed setting secret_token anymore, that is only required for
# backwards support of "seamless" upgrade from Rails 3.
# Discourse has shipped Rails 3 for a very long time.
Discourse::Application.config.secret_key_base = GlobalSetting.safe_secret_key_base
DEV: enable frozen string literal on all files This reduces chances of errors where consumers of strings mutate inputs and reduces memory usage of the app. Test suite passes now, but there may be some stuff left, so we will run a few sites on a branch prior to merging 2019-05-03 08:17:27 +10:00			`# frozen_string_literal: true`

FEATURE: per client user tokens Revamped system for managing authentication tokens. - Every user has 1 token per client (web browser) - Tokens are rotated every 10 minutes New system migrates the old tokens to "legacy" tokens, so users still remain logged on. Also introduces weekly job to expire old auth tokens. 2017-01-31 17:21:37 -05:00			`# Not fussed setting secret_token anymore, that is only required for`
			`# backwards support of "seamless" upgrade from Rails 3.`
			`# Discourse has shipped Rails 3 for a very long time.`
			`Discourse::Application.config.secret_key_base = GlobalSetting.safe_secret_key_base`