| author | Sean McGivern <sean@gitlab.com> | 2016-07-15 13:19:29 +0100 |
|---|---|---|
| committer | Sean McGivern <sean@gitlab.com> | 2016-08-03 15:46:37 +0100 |
| commit | 405379bbfcb7821b3dae77e5254362f2d696bb7d (patch) | |
| tree | ca84c70e92cb701694ac91d62879aa6d56490da7 /app | |
| parent | 1ee1113696702919d2593839d09042c7e6391b89 (diff) | |
| download | gitlab-ce-405379bbfcb7821b3dae77e5254362f2d696bb7d.tar.gz | |
Store OTP secret key in secrets.yml

.secret stores the secret token used for both encrypting login cookies
and for encrypting stored OTP secrets. We can't rotate this, because
that would invalidate all existing OTP secrets.

If the secret token is present in the .secret file or an environment
variable, save it as otp_key_base in secrets.yml. Now .secret can be
rotated without invalidating OTP secrets.

If the secret token isn't present (initial setup), then just generate a
separate otp_key_base and save it in secrets.yml.

Update the docs to reflect that secrets.yml needs to be retained past
upgrades, but .secret doesn't.
Diffstat (limited to 'app')
-rw-r--r-- | app/models/user.rb | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/app/models/user.rb b/app/models/user.rb index db747434959..73368be7b1b 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -23,13 +23,13 @@ class User < ActiveRecord::Base default_value_for :theme_id, gitlab_config.default_theme attr_encrypted :otp_secret, - key: Gitlab::Application.config.secret_key_base, + key: Gitlab::Application.secrets.otp_key_base, mode: :per_attribute_iv_and_salt, insecure_mode: true, algorithm: 'aes-256-cbc' devise :two_factor_authenticatable, - otp_secret_encryption_key: Gitlab::Application.config.secret_key_base + otp_secret_encryption_key: Gitlab::Application.secrets.otp_key_base devise :two_factor_backupable, otp_number_of_backup_codes: 10 serialize :otp_backup_codes, JSON |
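Review bot: the swap to `Gitlab::Application.secrets.otp_key_base` in both places (`key:` for `attr_encrypted :otp_secret` and `otp_secret_encryption_key:` for `devise :two_factor_authenticatable`) is evaluated when the `User` class loads, and nothing in this hunk guards against `otp_key_base` being missing from secrets.yml. On an existing install where the step the commit message describes (copying the old secret token into secrets.yml) has not yet run, the key would be `nil` and every stored OTP secret would no longer decrypt; that migration code is not visible here because the diffstat is limited to `app`. Suggest failing fast at boot when `otp_key_base` is blank rather than letting the model load with an empty key, and documenting that for existing installs the value must equal the previous `secret_key_base` or 2FA users will be locked out. Unchanged context worth a follow-up: `insecure_mode: true` remains on the `attr_encrypted` call.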