之前的博客:https://www.cnblogs.com/chentianwei/p/9167489.html
Guide: https://guides.rubyonrails.org/security.html#custom-credentials
视频:https://gorails.com/episodes/rails-5-2-encrypted-credentials?autoplay=1
⚠️!!!
master.key文件不能加git里,放置在.gitignore中 (config/master.key)
credentials.yaml文件:
默认你不能读取的(打开只是乱码),需要在terminal中输入:
EDITOR="atom --wait" rails credentials:edit #(使用master key来decryted这个文件) #参数-w, --wait 的意思是修改完并关闭这个窗口就会自动save(New credentials
#encrypted and saved. credentials.yaml文件被更新了)。Wait for window to be #closed before returning. [boolean]。 #参数-f, --foreground的意思,在foreground保持主进程.
编辑器是atom, 进入一个窗口,然后修改为:
development:
aws:
access_key_id: 123
secret_access_key: 345 production:
aws:
access_key_id: 123
secret_access_key: 345 # Used as the base secret for all MessageVerifiers in Rails, including the one protecting cookies.
secret_key_base: b0084fe4c82497767dad754d49d70a547352b2942e143d63bacec7700ba264daf632ae29cfa8889dec3046e74b9c33db47b53e4a5ede07d8ff6284d620952df1
进入控制台 rails.console:
> Rails.application.credentials.development
=> {:aws=>{:access_key_id=>123, :secret_access_key=>345}}
> Rails.application.credentials.development[:aws]
=> {:access_key_id=>123, :secret_access_key=>345}
master.key默认是隐藏的。用ls -la查看。