BigW Consortium Gitlab

  1. 05 Jun, 2017 1 commit
  2. 11 Oct, 2016 1 commit
  3. 03 Aug, 2016 1 commit
    • Store OTP secret key in secrets.yml · 405379bb
      Sean McGivern authored
      .secret stores the secret token used for both encrypting login cookies
      and for encrypting stored OTP secrets. We can't rotate this, because
      that would invalidate all existing OTP secrets.
      
      If the secret token is present in the .secret file or an environment
      variable, save it as otp_key_base in secrets.yml. Now .secret can be
      rotated without invalidating OTP secrets.
      
      If the secret token isn't present (initial setup), then just generate a
      separate otp_key_base and save in secrets.yml.
      
      Update the docs to reflect that secrets.yml needs to be retained past
      upgrades, but .secret doesn't.
  4. 07 Oct, 2015 1 commit
  5. 04 May, 2015 1 commit
  6. 24 Apr, 2015 1 commit
  7. 28 Jan, 2015 1 commit
  8. 18 Aug, 2014 2 commits
  9. 23 Jun, 2014 1 commit
  10. 03 Jun, 2014 1 commit
  11. 27 May, 2014 1 commit
  12. 28 Feb, 2014 1 commit
  13. 27 Feb, 2014 1 commit
  14. 27 Jan, 2014 1 commit
  15. 02 Nov, 2013 1 commit
  16. 15 Apr, 2013 2 commits
  17. 20 Dec, 2012 1 commit
  18. 03 Dec, 2012 1 commit