Chris@0: desc 'Generates a configuration file for cookie store sessions.'
Chris@0: 
Chris@0: file 'config/initializers/session_store.rb' do
Chris@909:   path = File.join(Rails.root, 'config', 'initializers', 'session_store.rb')
Chris@0:   secret = ActiveSupport::SecureRandom.hex(40)
Chris@0:   File.open(path, 'w') do |f|
Chris@0:     f.write <<"EOF"
Chris@0: # This file was generated by 'rake config/initializers/session_store.rb',
Chris@0: # and should not be made visible to public.
Chris@0: # If you have a load-balancing Redmine cluster, you will need to use the
Chris@0: # same version of this file on each machine. And be sure to restart your
Chris@0: # server when you modify this file.
Chris@909: 
Chris@0: # Your secret key for verifying cookie session data integrity. If you
Chris@0: # change this key, all old sessions will become invalid! Make sure the
Chris@0: # secret is at least 30 characters and all random, no regular words or
Chris@0: # you'll be exposed to dictionary attacks.
Chris@0: ActionController::Base.session = {
chris@37:   :key => '_redmine_session',
Chris@0:   #
Chris@0:   # Uncomment and edit the :session_path below if are hosting your Redmine
Chris@0:   # at a suburi and don't want the top level path to access the cookies
Chris@0:   #
Chris@0:   # See: http://www.redmine.org/issues/3968
Chris@0:   #
Chris@0:   # :session_path => '/url_path_to/your/redmine/',
Chris@0:   :secret => '#{secret}'
Chris@0: }
Chris@0: EOF
Chris@0:   end
Chris@0: end
Chris@0: 
Chris@0: desc 'Generates a configuration file for cookie store sessions.'
Chris@0: task :generate_session_store => ['config/initializers/session_store.rb']