class Rails::Application
An Engine with the responsibility of coordinating the whole boot process.
Initialization
Rails::Application
is responsible for executing all railties and engines initializers. It also executes some bootstrap initializers (check Rails::Application::Bootstrap
) and finishing initializers, after all the others are executed (check Rails::Application::Finisher
).
Configuration
Besides providing the same configuration as Rails::Engine
and Rails::Railtie
, the application object has several specific configurations, for example enable_reloading
, consider_all_requests_local
, filter_parameters
, logger
, and so forth.
Check Rails::Application::Configuration
to see them all.
Routes
The application object is also responsible for holding the routes and reloading routes whenever the files change in development.
Middlewares
The Application is also responsible for building the middleware stack.
Booting process
The application is also responsible for setting up and executing the booting process. From the moment you require config/application.rb
in your app, the booting process goes like this:
-
require "config/boot.rb"
to set up load paths. -
require
railties and engines. -
Define
Rails.application
asclass MyApp::Application < Rails::Application
. -
Run
config.before_configuration
callbacks. -
Load
config/environments/ENV.rb
. -
Run
config.before_initialize
callbacks. -
Run
Railtie#initializer
defined by railties, engines, and application. One by one, each engine sets up its load paths and routes, and runs itsconfig/initializers/*
files. -
Custom
Railtie#initializers
added by railties, engines, and applications are executed. -
Build the middleware stack and run
to_prepare
callbacks. -
Run
config.before_eager_load
andeager_load!
ifeager_load
istrue
. -
Run
config.after_initialize
callbacks.
Inherits From
-
class
Engine
Attributes
[RW] | assets |
|
[R] | autoloaders |
|
[W] | config |
|
[W] | credentials |
|
[R] | executor |
|
[R] | reloader |
|
[R] | reloaders |
|
[RW] | sandbox |
|
[RW] | sandbox? |
|
[W] | secrets |
Public class methods
Source code GitHub
# File railties/lib/rails/application.rb, line 84
def create(initial_variable_values = {}, &block)
new(initial_variable_values, &block).run_load_hooks!
end
Source code GitHub
# File railties/lib/rails/application.rb, line 88
def find_root(from)
find_root_with_flag "config.ru", from, Dir.pwd
end
Source code GitHub
# File railties/lib/rails/application.rb, line 71
def inherited(base)
super
Rails.app_class = base
# lib has to be added to $LOAD_PATH unconditionally, even if it's in the
# autoload paths and config.add_autoload_paths_to_load_path is false.
add_lib_to_load_path!(find_root(base.called_from))
ActiveSupport.run_load_hooks(:before_configuration, base)
end
Source code GitHub
# File railties/lib/rails/application.rb, line 80
def instance
super.run_load_hooks!
end
Source code GitHub
# File railties/lib/rails/application.rb, line 109
def initialize(initial_variable_values = {}, &block)
super()
@initialized = false
@reloaders = []
@routes_reloader = nil
@app_env_config = nil
@ordered_railties = nil
@railties = nil
@key_generators = {}
@message_verifiers = nil
@deprecators = nil
@ran_load_hooks = false
@executor = Class.new(ActiveSupport::Executor)
@reloader = Class.new(ActiveSupport::Reloader)
@reloader.executor = @executor
@autoloaders = Rails::Autoloaders.new
# are these actually used?
@initial_variable_values = initial_variable_values
@block = block
end
Public instance methods
Convenience for loading config/foo.yml for the current Rails env. Example:
# config/exception_notification.yml:
production:
url: http://127.0.0.1:8080
namespace: my_app_production
development:
url: http://localhost:3001
namespace: my_app_development
# config/environments/production.rb
Rails.application.configure do
config.middleware.use ExceptionNotifier, config_for(:exception_notification)
end
You can also store configurations in a shared section which will be merged with the environment configuration
# config/example.yml
shared:
foo:
bar:
baz: 1
development:
foo:
bar:
qux: 2
# development environment
Rails.application.config_for(:example)[:foo][:bar]
# => { baz: 1, qux: 2 }
Source code GitHub
# File railties/lib/rails/application.rb, line 274
def config_for(name, env: Rails.env)
yaml = name.is_a?(Pathname) ? name : Pathname.new("#{paths["config"].existent.first}/#{name}.yml")
if yaml.exist?
require "erb"
all_configs = ActiveSupport::ConfigurationFile.parse(yaml).deep_symbolize_keys
config, shared = all_configs[env.to_sym], all_configs[:shared]
if shared
config = {} if config.nil? && shared.is_a?(Hash)
if config.is_a?(Hash) && shared.is_a?(Hash)
config = shared.deep_merge(config)
elsif config.nil?
config = shared
end
end
if config.is_a?(Hash)
config = ActiveSupport::OrderedOptions.new.update(config)
end
config
else
raise "Could not load configuration. No such file - #{yaml}"
end
end
Sends any console called in the instance of a new application up to the console
method defined in Rails::Railtie
.
Source code GitHub
# File railties/lib/rails/application.rb, line 357
def console(&blk)
self.class.console(&blk)
end
Returns an ActiveSupport::EncryptedConfiguration
instance for the credentials file specified by config.credentials.content_path
.
By default, config.credentials.content_path
will point to either config/credentials/#{environment}.yml.enc
for the current environment (for example, config/credentials/production.yml.enc
for the production
environment), or config/credentials.yml.enc
if that file does not exist.
The encryption key is taken from either ENV["RAILS_MASTER_KEY"]
, or from the file specified by config.credentials.key_path
. By default, config.credentials.key_path
will point to either config/credentials/#{environment}.key
for the current environment, or config/master.key
if that file does not exist.
Source code GitHub
# File railties/lib/rails/application.rb, line 519
def credentials
@credentials ||= encrypted(config.credentials.content_path, key_path: config.credentials.key_path)
end
A managed collection of deprecators (ActiveSupport::Deprecation::Deprecators
). The collection’s configuration methods affect all deprecators in the collection. Additionally, the collection’s silence
method silences all deprecators in the collection for the duration of a given block.
Source code GitHub
# File railties/lib/rails/application.rb, line 230
def deprecators
@deprecators ||= ActiveSupport::Deprecation::Deprecators.new.tap do |deprecators|
deprecators[:railties] = Rails.deprecator
end
end
Eager loads the application code.
Source code GitHub
# File railties/lib/rails/application.rb, line 577
def eager_load!
Rails.autoloaders.each(&:eager_load)
end
Returns an ActiveSupport::EncryptedConfiguration
instance for an encrypted file. By default, the encryption key is taken from either ENV["RAILS_MASTER_KEY"]
, or from the config/master.key
file.
my_config = Rails.application.encrypted("config/my_config.enc")
my_config.read
# => "foo:\n bar: 123\n"
my_config.foo.bar
# => 123
Encrypted files can be edited with the bin/rails encrypted:edit
command. (See the output of bin/rails encrypted:edit --help
for more information.)
Source code GitHub
# File railties/lib/rails/application.rb, line 538
def encrypted(path, key_path: "config/master.key", env_key: "RAILS_MASTER_KEY")
ActiveSupport::EncryptedConfiguration.new(
config_path: Rails.root.join(path),
key_path: Rails.root.join(key_path),
env_key: env_key,
raise_if_missing_key: config.require_master_key
)
end
Stores some of the Rails initial environment parameters which will be used by middlewares and engines to configure themselves.
Source code GitHub
# File railties/lib/rails/application.rb, line 303
def env_config
@app_env_config ||= super.merge(
"action_dispatch.parameter_filter" => filter_parameters,
"action_dispatch.redirect_filter" => config.filter_redirect,
"action_dispatch.secret_key_base" => secret_key_base,
"action_dispatch.show_exceptions" => config.action_dispatch.show_exceptions,
"action_dispatch.show_detailed_exceptions" => config.consider_all_requests_local,
"action_dispatch.log_rescued_responses" => config.action_dispatch.log_rescued_responses,
"action_dispatch.debug_exception_log_level" => ActiveSupport::Logger.const_get(config.action_dispatch.debug_exception_log_level.to_s.upcase),
"action_dispatch.logger" => Rails.logger,
"action_dispatch.backtrace_cleaner" => Rails.backtrace_cleaner,
"action_dispatch.key_generator" => key_generator,
"action_dispatch.http_auth_salt" => config.action_dispatch.http_auth_salt,
"action_dispatch.signed_cookie_salt" => config.action_dispatch.signed_cookie_salt,
"action_dispatch.encrypted_cookie_salt" => config.action_dispatch.encrypted_cookie_salt,
"action_dispatch.encrypted_signed_cookie_salt" => config.action_dispatch.encrypted_signed_cookie_salt,
"action_dispatch.authenticated_encrypted_cookie_salt" => config.action_dispatch.authenticated_encrypted_cookie_salt,
"action_dispatch.use_authenticated_cookie_encryption" => config.action_dispatch.use_authenticated_cookie_encryption,
"action_dispatch.encrypted_cookie_cipher" => config.action_dispatch.encrypted_cookie_cipher,
"action_dispatch.signed_cookie_digest" => config.action_dispatch.signed_cookie_digest,
"action_dispatch.cookies_serializer" => config.action_dispatch.cookies_serializer,
"action_dispatch.cookies_digest" => config.action_dispatch.cookies_digest,
"action_dispatch.cookies_rotations" => config.action_dispatch.cookies_rotations,
"action_dispatch.cookies_same_site_protection" => coerce_same_site_protection(config.action_dispatch.cookies_same_site_protection),
"action_dispatch.use_cookies_with_metadata" => config.action_dispatch.use_cookies_with_metadata,
"action_dispatch.content_security_policy" => config.content_security_policy,
"action_dispatch.content_security_policy_report_only" => config.content_security_policy_report_only,
"action_dispatch.content_security_policy_nonce_generator" => config.content_security_policy_nonce_generator,
"action_dispatch.content_security_policy_nonce_directives" => config.content_security_policy_nonce_directives,
"action_dispatch.permissions_policy" => config.permissions_policy,
)
end
Sends any generators called in the instance of a new application up to the generators
method defined in Rails::Railtie
.
Source code GitHub
# File railties/lib/rails/application.rb, line 363
def generators(&blk)
self.class.generators(&blk)
end
Returns true if the application is initialized.
Source code GitHub
# File railties/lib/rails/application.rb, line 134
def initialized?
@initialized
end
Sends the initializers to the initializer
method defined in the Rails::Initializable module. Each Rails::Application
class has its own set of initializers, as defined by the Initializable module.
Source code GitHub
# File railties/lib/rails/application.rb, line 345
def initializer(name, opts = {}, &block)
self.class.initializer(name, opts, &block)
end
Sends the isolate_namespace
method up to the class method.
Source code GitHub
# File railties/lib/rails/application.rb, line 374
def isolate_namespace(mod)
self.class.isolate_namespace(mod)
end
Returns a key generator (ActiveSupport::CachingKeyGenerator
) for a specified secret_key_base
. The return value is memoized, so additional calls with the same secret_key_base
will return the same key generator instance.
Source code GitHub
# File railties/lib/rails/application.rb, line 161
def key_generator(secret_key_base = self.secret_key_base)
# number of iterations selected based on consultation with the google security
# team. Details at https://github.com/rails/rails/pull/6952#issuecomment-7661220
@key_generators[secret_key_base] ||= ActiveSupport::CachingKeyGenerator.new(
ActiveSupport::KeyGenerator.new(secret_key_base, iterations: 1000)
)
end
Returns a message verifier object.
This verifier can be used to generate and verify signed messages in the application.
It is recommended not to use the same verifier for different things, so you can get different verifiers passing the verifier_name
argument.
Parameters
-
verifier_name
- the name of the message verifier.
Examples
message = Rails.application.message_verifier('sensitive_data').generate('my sensible data')
Rails.application.message_verifier('sensitive_data').verify(message)
# => 'my sensible data'
See the ActiveSupport::MessageVerifier
documentation for more information.
Source code GitHub
# File railties/lib/rails/application.rb, line 222
def message_verifier(verifier_name)
message_verifiers[verifier_name]
end
Returns a message verifier factory (ActiveSupport::MessageVerifiers
). This factory can be used as a central point to configure and create message verifiers (ActiveSupport::MessageVerifier
) for your application.
By default, message verifiers created by this factory will generate messages using the default ActiveSupport::MessageVerifier
options. You can override these options with a combination of ActiveSupport::MessageVerifiers#clear_rotations
and ActiveSupport::MessageVerifiers#rotate
. However, this must be done prior to building any message verifier instances. For example, in a before_initialize
block:
# Use `url_safe: true` when generating messages
config.before_initialize do |app|
app.message_verifiers.clear_rotations
app.message_verifiers.rotate(url_safe: true)
end
Message verifiers created by this factory will always use a secret derived from secret_key_base
when generating messages. clear_rotations
will not affect this behavior. However, older secret_key_base
values can be rotated for verifying messages:
# Fall back to old `secret_key_base` when verifying messages
config.before_initialize do |app|
app.message_verifiers.rotate(secret_key_base: "old secret_key_base")
end
Source code GitHub
# File railties/lib/rails/application.rb, line 197
def message_verifiers
@message_verifiers ||=
ActiveSupport::MessageVerifiers.new do |salt, secret_key_base: self.secret_key_base|
key_generator(secret_key_base).generate_key(salt)
end.rotate_defaults
end
If you try to define a set of Rake tasks on the instance, these will get passed up to the Rake tasks defined on the application’s class.
Source code GitHub
# File railties/lib/rails/application.rb, line 338
def rake_tasks(&block)
self.class.rake_tasks(&block)
end
Reload application routes regardless if they changed or not.
Source code GitHub
# File railties/lib/rails/application.rb, line 153
def reload_routes!
routes_reloader.reload!
end
Sends any runner called in the instance of a new application up to the runner
method defined in Rails::Railtie
.
Source code GitHub
# File railties/lib/rails/application.rb, line 351
def runner(&blk)
self.class.runner(&blk)
end
The secret_key_base
is used as the input secret to the application’s key generator, which in turn is used to create all ActiveSupport::MessageVerifier
and ActiveSupport::MessageEncryptor
instances, including the ones that sign and encrypt cookies.
In development and test, this is randomly generated and stored in a temporary file in tmp/local_secret.txt
.
You can also set ENV["SECRET_KEY_BASE_DUMMY"]
to trigger the use of a randomly generated secret_key_base
that’s stored in a temporary file. This is useful when precompiling assets for production as part of a build step that otherwise does not need access to the production secrets.
Dockerfile example: RUN SECRET_KEY_BASE_DUMMY=1 bundle exec rails assets:precompile
.
In all other environments, we look for it first in ENV["SECRET_KEY_BASE"]
, then credentials.secret_key_base
, and finally secrets.secret_key_base
. For most applications, the correct place to store it is in the encrypted credentials file.
Source code GitHub
# File railties/lib/rails/application.rb, line 478
def secret_key_base
config.secret_key_base ||=
if ENV["SECRET_KEY_BASE_DUMMY"]
generate_local_secret
else
validate_secret_key_base(
ENV["SECRET_KEY_BASE"] || credentials.secret_key_base || begin
secret_skb = secrets_secret_key_base
if secret_skb && secret_skb.equal?(config.secret_key_base)
config.secret_key_base
elsif secret_skb
Rails.deprecator.warn(<<~MSG.squish)
Your `secret_key_base` is configured in `Rails.application.secrets`,
which is deprecated in favor of `Rails.application.credentials` and
will be removed in Rails 7.2.
MSG
secret_skb
elsif Rails.env.local?
generate_local_secret
end
end
)
end
end
Source code GitHub
# File railties/lib/rails/application.rb, line 443
def secrets
Rails.deprecator.warn(<<~MSG.squish)
`Rails.application.secrets` is deprecated in favor of `Rails.application.credentials` and will be removed in Rails 7.2.
MSG
@secrets ||= begin
secrets = ActiveSupport::OrderedOptions.new
files = config.paths["config/secrets"].existent
files = files.reject { |path| path.end_with?(".enc") } unless config.read_encrypted_secrets
secrets.merge! Rails::Secrets.parse(files, env: Rails.env)
# Fallback to config.secret_key_base if secrets.secret_key_base isn't set
secrets.secret_key_base ||= config.secret_key_base
secrets
end
end
Sends any server called in the instance of a new application up to the server
method defined in Rails::Railtie
.
Source code GitHub
# File railties/lib/rails/application.rb, line 369
def server(&blk)
self.class.server(&blk)
end
Protected instance methods
Source code GitHub
# File railties/lib/rails/application.rb, line 665
def ensure_generator_templates_added
configured_paths = config.generators.templates
configured_paths.unshift(*(paths["lib/templates"].existent - configured_paths))
end
Source code GitHub
# File railties/lib/rails/application.rb, line 655
def validate_secret_key_base(secret_key_base)
if secret_key_base.is_a?(String) && secret_key_base.present?
secret_key_base
elsif secret_key_base
raise ArgumentError, "`secret_key_base` for #{Rails.env} environment must be a type of String`"
else
raise ArgumentError, "Missing `secret_key_base` for '#{Rails.env}' environment, set this string with `bin/rails credentials:edit`"
end
end