gitea/nas
1
0
Fork 2
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 3

Fix unnecessary requirement for deprecated OTP_SECRET environment variable (#34810)

Browse source
This commit is contained in:
Claire 2025-05-26 13:59:54 +02:00 committed by GitHub
parent 198b59ca3e
commit b7e967817b
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 11 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

12
db/post_migrate/20240307180905_migrate_devise_two_factor_secrets.rb
View file

@ -79,8 +79,18 @@ class MigrateDeviseTwoFactorSecrets < ActiveRecord::Migration[7.1]
class MigrationUser < ApplicationRecord
self.table_name = :users
LEGACY_OTP_SECRET = begin
if Rails.env.test?
'100c7faeef00caa29242f6b04156742bf76065771fd4117990c4282b8748ff3d99f8fdae97c982ab5bd2e6756a159121377cce4421f4a8ecd2d67bd7749a3fb4'
elsif ENV['SECRET_KEY_BASE_DUMMY']
SecureRandom.hex(64)
else
ENV.fetch('OTP_SECRET')
end
end
devise :two_factor_authenticatable,
otp_secret_encryption_key: Rails.configuration.x.otp_secret
otp_secret_encryption_key: LEGACY_OTP_SECRET
include LegacyOtpSecret
end