Generate Secret Keys
Ever wonder how Rails generates its secret keys stored in config/secrets.yml
?
It uses the SecureRandom
library, built into Ruby.
# rails/tasks/misc.rake
desc "Generate a cryptographically secure secret key (this is typically used to generate a secret for cookie sessions)."
task :secret do
require "securerandom"
puts SecureRandom.hex(64)
end
If you ever need to generate a new secret key, run…
$ rake secret # from your rails app
$ ruby -e "require 'securerandom'; puts SecureRandom.hex(64)" # from anywhere
SecureRandom
also contains methods for generating UUIDs, random
base64 strings, and random
binary strings.
If you need a URL-safe key, say for API key generation, Ruby has you covered.
SecureRandom.urlsafe_base64