From c110fa62ac0f475efd64572026835a7514c410ae Mon Sep 17 00:00:00 2001 From: Akihiko Odaki Date: Mon, 5 Mar 2018 04:28:24 +0900 Subject: [PATCH] Provide default OTP_SECRET value for development environment (#6617) --- .env.test | 1 - app/models/user.rb | 2 +- config/environments/development.rb | 2 ++ config/environments/production.rb | 2 ++ config/environments/test.rb | 2 ++ 5 files changed, 7 insertions(+), 2 deletions(-) diff --git a/.env.test b/.env.test index e25c040ac0..b57f52e309 100644 --- a/.env.test +++ b/.env.test @@ -1,4 +1,3 @@ # Federation LOCAL_DOMAIN=cb6e6126.ngrok.io LOCAL_HTTPS=true -OTP_SECRET=100c7faeef00caa29242f6b04156742bf76065771fd4117990c4282b8748ff3d99f8fdae97c982ab5bd2e6756a159121377cce4421f4a8ecd2d67bd7749a3fb4 diff --git a/app/models/user.rb b/app/models/user.rb index 2995d6d54c..b716c13fd2 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -44,7 +44,7 @@ class User < ApplicationRecord ACTIVE_DURATION = 14.days devise :two_factor_authenticatable, - otp_secret_encryption_key: ENV.fetch('OTP_SECRET') + otp_secret_encryption_key: Rails.configuration.x.otp_secret devise :two_factor_backupable, otp_number_of_backup_codes: 10 diff --git a/config/environments/development.rb b/config/environments/development.rb index 2da407c323..285fea8b8c 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -82,6 +82,8 @@ Rails.application.configure do Bullet.add_whitelist type: :n_plus_one_query, class_name: 'User', association: :account end + + config.x.otp_secret = ENV.fetch('OTP_SECRET', '1fc2b87989afa6351912abeebe31ffc5c476ead9bf8b3d74cbc4a302c7b69a45b40b1bbef3506ddad73e942e15ed5ca4b402bf9a66423626051104f4b5f05109') end ActiveRecordQueryTrace.enabled = ENV.fetch('QUERY_TRACE_ENABLED') { false } diff --git a/config/environments/production.rb b/config/environments/production.rb index 51288bc395..3136a40fc3 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -96,4 +96,6 @@ Rails.application.configure do 'X-Content-Type-Options' => 'nosniff', 'X-XSS-Protection' => '1; mode=block', } + + config.x.otp_secret = ENV.fetch('OTP_SECRET') end diff --git a/config/environments/test.rb b/config/environments/test.rb index 74e7fa694e..7d77a170e5 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb @@ -44,6 +44,8 @@ Rails.application.configure do # Print deprecation notices to the stderr. config.active_support.deprecation = :stderr + config.x.otp_secret = '100c7faeef00caa29242f6b04156742bf76065771fd4117990c4282b8748ff3d99f8fdae97c982ab5bd2e6756a159121377cce4421f4a8ecd2d67bd7749a3fb4' + # Generate random VAPID keys vapid_key = Webpush.generate_key config.x.vapid_private_key = vapid_key.private_key