之前的博客:https://www.cnblogs.com/chentianwei/p/9167489.html
Guide: https://guides.rubyonrails.org/security.html#custom-credentials
视频:https://gorails.com/episodes/rails-5-2-encrypted-credentials?autoplay=1
⚠️!!!
master.key文件不能加git里,放置在.gitignore中 (config/master.key)
credentials.yaml文件:
默认你不能读取的,需要在terminal中输入一条命令,解锁它。
EDITOR="atom --wait" rails credentials:edit
参数-w, --wait 的意思是修改完并关闭这个窗口就会自动save(New credentials encrypted and saved. credentials.yaml文件被更新了)。Wait for window to be closed before returning. [boolean]。
参数-f, --foreground的意思,在foreground保持主进程.
设置:编辑器是atom, 进入一个窗口,然后修改为:
development:
aws:
access_key_id: 123
secret_access_key: 345
production:
aws:
access_key_id: 123
secret_access_key: 345
# Used as the base secret for all MessageVerifiers in Rails, including the one protecting cookies.
secret_key_base: b0084fe4c82497767dad754d49d70a547352b2942e143d63bacec7700ba264daf632ae29cfa8889dec3046e74b9c33db47b53e4a5ede07d8ff6284d620952df1
进入:rails.console 可以查看相关的值。
> Rails.application.credentials.development
=> {:aws=>{:access_key_id=>123, :secret_access_key=>345}}
> Rails.application.credentials.development[:aws]
=> {:access_key_id=>123, :secret_access_key=>345}
master.key默认是隐藏的。