about summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--.env.test1
-rw-r--r--app/models/user.rb2
-rw-r--r--config/environments/development.rb2
-rw-r--r--config/environments/production.rb2
-rw-r--r--config/environments/test.rb2
5 files changed, 7 insertions, 2 deletions
diff --git a/.env.test b/.env.test
index e25c040ac..b57f52e30 100644
--- a/.env.test
+++ b/.env.test
@@ -1,4 +1,3 @@
 # Federation
 LOCAL_DOMAIN=cb6e6126.ngrok.io
 LOCAL_HTTPS=true
-OTP_SECRET=100c7faeef00caa29242f6b04156742bf76065771fd4117990c4282b8748ff3d99f8fdae97c982ab5bd2e6756a159121377cce4421f4a8ecd2d67bd7749a3fb4
diff --git a/app/models/user.rb b/app/models/user.rb
index 2995d6d54..b716c13fd 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -44,7 +44,7 @@ class User < ApplicationRecord
   ACTIVE_DURATION = 14.days
 
   devise :two_factor_authenticatable,
-         otp_secret_encryption_key: ENV.fetch('OTP_SECRET')
+         otp_secret_encryption_key: Rails.configuration.x.otp_secret
 
   devise :two_factor_backupable,
          otp_number_of_backup_codes: 10
diff --git a/config/environments/development.rb b/config/environments/development.rb
index 2da407c32..285fea8b8 100644
--- a/config/environments/development.rb
+++ b/config/environments/development.rb
@@ -82,6 +82,8 @@ Rails.application.configure do
 
     Bullet.add_whitelist type: :n_plus_one_query, class_name: 'User', association: :account
   end
+
+  config.x.otp_secret = ENV.fetch('OTP_SECRET', '1fc2b87989afa6351912abeebe31ffc5c476ead9bf8b3d74cbc4a302c7b69a45b40b1bbef3506ddad73e942e15ed5ca4b402bf9a66423626051104f4b5f05109')
 end
 
 ActiveRecordQueryTrace.enabled = ENV.fetch('QUERY_TRACE_ENABLED') { false }
diff --git a/config/environments/production.rb b/config/environments/production.rb
index 51288bc39..3136a40fc 100644
--- a/config/environments/production.rb
+++ b/config/environments/production.rb
@@ -96,4 +96,6 @@ Rails.application.configure do
     'X-Content-Type-Options' => 'nosniff',
     'X-XSS-Protection'       => '1; mode=block',
   }
+
+  config.x.otp_secret = ENV.fetch('OTP_SECRET')
 end
diff --git a/config/environments/test.rb b/config/environments/test.rb
index 74e7fa694..7d77a170e 100644
--- a/config/environments/test.rb
+++ b/config/environments/test.rb
@@ -44,6 +44,8 @@ Rails.application.configure do
   # Print deprecation notices to the stderr.
   config.active_support.deprecation = :stderr
 
+  config.x.otp_secret = '100c7faeef00caa29242f6b04156742bf76065771fd4117990c4282b8748ff3d99f8fdae97c982ab5bd2e6756a159121377cce4421f4a8ecd2d67bd7749a3fb4'
+
   # Generate random VAPID keys
   vapid_key = Webpush.generate_key
   config.x.vapid_private_key = vapid_key.private_key