发表新帖
发表新帖

How to keep the app secret a secret?

前端 未结
关注
2 1480
眼角桃花
眼角桃花 2021-02-05 20:37

Every new Play app gets a new application secret generated into its config file.

application.secret=asdfadsfdasf

I\'m developing an open source app

相关标签:
2条回答
  • 独厮守ぢ
    2021-02-05 21:04

    It looks like that secret is important, but you can generate new ones for production vs development. So for development you could check it into SVN then generate a different one for production.

    http://www.playframework.org/documentation/1.0/production

    0 讨论(0)
  • 滥情空心
    2021-02-05 21:09

    You can externalize the secret as an environment variable.

    In conf/application.conf Simply replace

    application.secret=abc123...

    with

    application.secret=${APP_SECRET}

    and then set this config var in Heroku with:

    $ heroku config:add APP_SECRET=abc123...

    Now you can manage secrets on a per-app basis and avoid checking them into version control.

    0 讨论(0)
 看不清?
提交回复
热议问题