Skip to Content Skip to Search

class Rails::Application

An Engine with the responsibility of coordinating the whole boot process.

Initialization

Rails::Application is responsible for executing all railties and engines initializers. It also executes some bootstrap initializers (check Rails::Application::Bootstrap) and finishing initializers, after all the others are executed (check Rails::Application::Finisher).

Configuration

Besides providing the same configuration as Rails::Engine and Rails::Railtie, the application object has several specific configurations, for example enable_reloading, consider_all_requests_local, filter_parameters, logger, and so forth.

Check Rails::Application::Configuration to see them all.

Routes

The application object is also responsible for holding the routes and reloading routes whenever the files change in development.

Middlewares

The Application is also responsible for building the middleware stack.

Booting process

The application is also responsible for setting up and executing the booting process. From the moment you require config/application.rb in your app, the booting process goes like this:

  1. require "config/boot.rb" to set up load paths.

  2. require railties and engines.

  3. Define Rails.application as class MyApp::Application < Rails::Application.

  4. Run config.before_configuration callbacks.

  5. Load config/environments/ENV.rb.

  6. Run config.before_initialize callbacks.

  7. Run Railtie#initializer defined by railties, engines, and application. One by one, each engine sets up its load paths and routes, and runs its config/initializers/* files.

  8. Custom Railtie#initializers added by railties, engines, and applications are executed.

  9. Build the middleware stack and run to_prepare callbacks.

  10. Run config.before_eager_load and eager_load! if eager_load is true.

  11. Run config.after_initialize callbacks.

Inherits From

Attributes

[RW] assets
[R] autoloaders
[W] config
[W] credentials
[R] executor
[R] reloader
[R] reloaders
[RW] sandbox
[RW] sandbox?
[W] secrets

Public class methods

Source code GitHub
# File railties/lib/rails/application.rb, line 84
def create(initial_variable_values = {}, &block)
  new(initial_variable_values, &block).run_load_hooks!
end
Source code GitHub
# File railties/lib/rails/application.rb, line 88
def find_root(from)
  find_root_with_flag "config.ru", from, Dir.pwd
end
Source code GitHub
# File railties/lib/rails/application.rb, line 71
def inherited(base)
  super
  Rails.app_class = base
  # lib has to be added to $LOAD_PATH unconditionally, even if it's in the
  # autoload paths and config.add_autoload_paths_to_load_path is false.
  add_lib_to_load_path!(find_root(base.called_from))
  ActiveSupport.run_load_hooks(:before_configuration, base)
end
Source code GitHub
# File railties/lib/rails/application.rb, line 80
def instance
  super.run_load_hooks!
end
Source code GitHub
# File railties/lib/rails/application.rb, line 109
def initialize(initial_variable_values = {}, &block)
  super()
  @initialized       = false
  @reloaders         = []
  @routes_reloader   = nil
  @app_env_config    = nil
  @ordered_railties  = nil
  @railties          = nil
  @key_generators    = {}
  @message_verifiers = nil
  @deprecators       = nil
  @ran_load_hooks    = false

  @executor          = Class.new(ActiveSupport::Executor)
  @reloader          = Class.new(ActiveSupport::Reloader)
  @reloader.executor = @executor

  @autoloaders = Rails::Autoloaders.new

  # are these actually used?
  @initial_variable_values = initial_variable_values
  @block = block
end

Public instance methods

Convenience for loading config/foo.yml for the current Rails env. Example:

# config/exception_notification.yml:
production:
  url: http://127.0.0.1:8080
  namespace: my_app_production

development:
  url: http://localhost:3001
  namespace: my_app_development

# config/environments/production.rb
Rails.application.configure do
  config.middleware.use ExceptionNotifier, config_for(:exception_notification)
end

You can also store configurations in a shared section which will be merged with the environment configuration

# config/example.yml
shared:
  foo:
    bar:
      baz: 1

development:
  foo:
    bar:
      qux: 2

# development environment
Rails.application.config_for(:example)[:foo][:bar]
# => { baz: 1, qux: 2 }
Source code GitHub
# File railties/lib/rails/application.rb, line 274
def config_for(name, env: Rails.env)
  yaml = name.is_a?(Pathname) ? name : Pathname.new("#{paths["config"].existent.first}/#{name}.yml")

  if yaml.exist?
    require "erb"
    all_configs    = ActiveSupport::ConfigurationFile.parse(yaml).deep_symbolize_keys
    config, shared = all_configs[env.to_sym], all_configs[:shared]

    if shared
      config = {} if config.nil? && shared.is_a?(Hash)
      if config.is_a?(Hash) && shared.is_a?(Hash)
        config = shared.deep_merge(config)
      elsif config.nil?
        config = shared
      end
    end

    if config.is_a?(Hash)
      config = ActiveSupport::OrderedOptions.new.update(config)
    end

    config
  else
    raise "Could not load configuration. No such file - #{yaml}"
  end
end

Sends any console called in the instance of a new application up to the console method defined in Rails::Railtie.

Source code GitHub
# File railties/lib/rails/application.rb, line 357
def console(&blk)
  self.class.console(&blk)
end

Returns an ActiveSupport::EncryptedConfiguration instance for the credentials file specified by config.credentials.content_path.

By default, config.credentials.content_path will point to either config/credentials/#{environment}.yml.enc for the current environment (for example, config/credentials/production.yml.enc for the production environment), or config/credentials.yml.enc if that file does not exist.

The encryption key is taken from either ENV["RAILS_MASTER_KEY"], or from the file specified by config.credentials.key_path. By default, config.credentials.key_path will point to either config/credentials/#{environment}.key for the current environment, or config/master.key if that file does not exist.

Source code GitHub
# File railties/lib/rails/application.rb, line 516
def credentials
  @credentials ||= encrypted(config.credentials.content_path, key_path: config.credentials.key_path)
end

A managed collection of deprecators (ActiveSupport::Deprecation::Deprecators). The collection’s configuration methods affect all deprecators in the collection. Additionally, the collection’s silence method silences all deprecators in the collection for the duration of a given block.

Source code GitHub
# File railties/lib/rails/application.rb, line 230
def deprecators
  @deprecators ||= ActiveSupport::Deprecation::Deprecators.new.tap do |deprecators|
    deprecators[:railties] = Rails.deprecator
  end
end

Eager loads the application code.

Source code GitHub
# File railties/lib/rails/application.rb, line 574
def eager_load!
  Rails.autoloaders.each(&:eager_load)
end

Returns an ActiveSupport::EncryptedConfiguration instance for an encrypted file. By default, the encryption key is taken from either ENV["RAILS_MASTER_KEY"], or from the config/master.key file.

my_config = Rails.application.encrypted("config/my_config.enc")

my_config.read
# => "foo:\n  bar: 123\n"

my_config.foo.bar
# => 123

Encrypted files can be edited with the bin/rails encrypted:edit command. (See the output of bin/rails encrypted:edit --help for more information.)

Source code GitHub
# File railties/lib/rails/application.rb, line 535
def encrypted(path, key_path: "config/master.key", env_key: "RAILS_MASTER_KEY")
  ActiveSupport::EncryptedConfiguration.new(
    config_path: Rails.root.join(path),
    key_path: Rails.root.join(key_path),
    env_key: env_key,
    raise_if_missing_key: config.require_master_key
  )
end

Stores some of the Rails initial environment parameters which will be used by middlewares and engines to configure themselves.

Source code GitHub
# File railties/lib/rails/application.rb, line 303
def env_config
  @app_env_config ||= super.merge(
      "action_dispatch.parameter_filter" => filter_parameters,
      "action_dispatch.redirect_filter" => config.filter_redirect,
      "action_dispatch.secret_key_base" => secret_key_base,
      "action_dispatch.show_exceptions" => config.action_dispatch.show_exceptions,
      "action_dispatch.show_detailed_exceptions" => config.consider_all_requests_local,
      "action_dispatch.log_rescued_responses" => config.action_dispatch.log_rescued_responses,
      "action_dispatch.debug_exception_log_level" => ActiveSupport::Logger.const_get(config.action_dispatch.debug_exception_log_level.to_s.upcase),
      "action_dispatch.logger" => Rails.logger,
      "action_dispatch.backtrace_cleaner" => Rails.backtrace_cleaner,
      "action_dispatch.key_generator" => key_generator,
      "action_dispatch.http_auth_salt" => config.action_dispatch.http_auth_salt,
      "action_dispatch.signed_cookie_salt" => config.action_dispatch.signed_cookie_salt,
      "action_dispatch.encrypted_cookie_salt" => config.action_dispatch.encrypted_cookie_salt,
      "action_dispatch.encrypted_signed_cookie_salt" => config.action_dispatch.encrypted_signed_cookie_salt,
      "action_dispatch.authenticated_encrypted_cookie_salt" => config.action_dispatch.authenticated_encrypted_cookie_salt,
      "action_dispatch.use_authenticated_cookie_encryption" => config.action_dispatch.use_authenticated_cookie_encryption,
      "action_dispatch.encrypted_cookie_cipher" => config.action_dispatch.encrypted_cookie_cipher,
      "action_dispatch.signed_cookie_digest" => config.action_dispatch.signed_cookie_digest,
      "action_dispatch.cookies_serializer" => config.action_dispatch.cookies_serializer,
      "action_dispatch.cookies_digest" => config.action_dispatch.cookies_digest,
      "action_dispatch.cookies_rotations" => config.action_dispatch.cookies_rotations,
      "action_dispatch.cookies_same_site_protection" => coerce_same_site_protection(config.action_dispatch.cookies_same_site_protection),
      "action_dispatch.use_cookies_with_metadata" => config.action_dispatch.use_cookies_with_metadata,
      "action_dispatch.content_security_policy" => config.content_security_policy,
      "action_dispatch.content_security_policy_report_only" => config.content_security_policy_report_only,
      "action_dispatch.content_security_policy_nonce_generator" => config.content_security_policy_nonce_generator,
      "action_dispatch.content_security_policy_nonce_directives" => config.content_security_policy_nonce_directives,
      "action_dispatch.permissions_policy" => config.permissions_policy,
    )
end

Sends any generators called in the instance of a new application up to the generators method defined in Rails::Railtie.

Source code GitHub
# File railties/lib/rails/application.rb, line 363
def generators(&blk)
  self.class.generators(&blk)
end

Returns true if the application is initialized.

Source code GitHub
# File railties/lib/rails/application.rb, line 134
def initialized?
  @initialized
end

Sends the initializers to the initializer method defined in the Rails::Initializable module. Each Rails::Application class has its own set of initializers, as defined by the Initializable module.

Source code GitHub
# File railties/lib/rails/application.rb, line 345
def initializer(name, opts = {}, &block)
  self.class.initializer(name, opts, &block)
end

Sends the isolate_namespace method up to the class method.

Source code GitHub
# File railties/lib/rails/application.rb, line 374
def isolate_namespace(mod)
  self.class.isolate_namespace(mod)
end

Returns a key generator (ActiveSupport::CachingKeyGenerator) for a specified secret_key_base. The return value is memoized, so additional calls with the same secret_key_base will return the same key generator instance.

Source code GitHub
# File railties/lib/rails/application.rb, line 161
def key_generator(secret_key_base = self.secret_key_base)
  # number of iterations selected based on consultation with the google security
  # team. Details at https://github.com/rails/rails/pull/6952#issuecomment-7661220
  @key_generators[secret_key_base] ||= ActiveSupport::CachingKeyGenerator.new(
    ActiveSupport::KeyGenerator.new(secret_key_base, iterations: 1000)
  )
end

Returns a message verifier object.

This verifier can be used to generate and verify signed messages in the application.

It is recommended not to use the same verifier for different things, so you can get different verifiers passing the verifier_name argument.

Parameters

  • verifier_name - the name of the message verifier.

Examples

message = Rails.application.message_verifier('sensitive_data').generate('my sensible data')
Rails.application.message_verifier('sensitive_data').verify(message)
# => 'my sensible data'

See the ActiveSupport::MessageVerifier documentation for more information.

Source code GitHub
# File railties/lib/rails/application.rb, line 222
def message_verifier(verifier_name)
  message_verifiers[verifier_name]
end

Returns a message verifier factory (ActiveSupport::MessageVerifiers). This factory can be used as a central point to configure and create message verifiers (ActiveSupport::MessageVerifier) for your application.

By default, message verifiers created by this factory will generate messages using the default ActiveSupport::MessageVerifier options. You can override these options with a combination of ActiveSupport::MessageVerifiers#clear_rotations and ActiveSupport::MessageVerifiers#rotate. However, this must be done prior to building any message verifier instances. For example, in a before_initialize block:

# Use `url_safe: true` when generating messages
config.before_initialize do |app|
  app.message_verifiers.clear_rotations
  app.message_verifiers.rotate(url_safe: true)
end

Message verifiers created by this factory will always use a secret derived from secret_key_base when generating messages. clear_rotations will not affect this behavior. However, older secret_key_base values can be rotated for verifying messages:

# Fall back to old `secret_key_base` when verifying messages
config.before_initialize do |app|
  app.message_verifiers.rotate(secret_key_base: "old secret_key_base")
end
Source code GitHub
# File railties/lib/rails/application.rb, line 197
def message_verifiers
  @message_verifiers ||=
    ActiveSupport::MessageVerifiers.new do |salt, secret_key_base: self.secret_key_base|
      key_generator(secret_key_base).generate_key(salt)
    end.rotate_defaults
end

If you try to define a set of Rake tasks on the instance, these will get passed up to the Rake tasks defined on the application’s class.

Source code GitHub
# File railties/lib/rails/application.rb, line 338
def rake_tasks(&block)
  self.class.rake_tasks(&block)
end

Reload application routes regardless if they changed or not.

Source code GitHub
# File railties/lib/rails/application.rb, line 153
def reload_routes!
  routes_reloader.reload!
end

Sends any runner called in the instance of a new application up to the runner method defined in Rails::Railtie.

Source code GitHub
# File railties/lib/rails/application.rb, line 351
def runner(&blk)
  self.class.runner(&blk)
end

The secret_key_base is used as the input secret to the application’s key generator, which in turn is used to create all ActiveSupport::MessageVerifier and ActiveSupport::MessageEncryptor instances, including the ones that sign and encrypt cookies.

In development and test, this is randomly generated and stored in a temporary file in tmp/local_secret.txt.

You can also set ENV["SECRET_KEY_BASE_DUMMY"] to trigger the use of a randomly generated secret_key_base that’s stored in a temporary file. This is useful when precompiling assets for production as part of a build step that otherwise does not need access to the production secrets.

Dockerfile example: RUN SECRET_KEY_BASE_DUMMY=1 bundle exec rails assets:precompile.

In all other environments, we look for it first in ENV["SECRET_KEY_BASE"], then credentials.secret_key_base, and finally secrets.secret_key_base. For most applications, the correct place to store it is in the encrypted credentials file.

Source code GitHub
# File railties/lib/rails/application.rb, line 478
    def secret_key_base
      if Rails.env.local? || ENV["SECRET_KEY_BASE_DUMMY"]
        config.secret_key_base ||= generate_local_secret
      else
        validate_secret_key_base(
          ENV["SECRET_KEY_BASE"] || credentials.secret_key_base || begin
            secret_skb = secrets_secret_key_base

            if secret_skb.equal?(config.secret_key_base)
              config.secret_key_base
            else
              Rails.deprecator.warn(<<~MSG.squish)
                Your `secret_key_base` is configured in `Rails.application.secrets`,
                which is deprecated in favor of `Rails.application.credentials` and
                will be removed in Rails 7.2.
              MSG

              secret_skb
            end
          end
        )
      end
    end
Source code GitHub
# File railties/lib/rails/application.rb, line 443
    def secrets
      Rails.deprecator.warn(<<~MSG.squish)
        `Rails.application.secrets` is deprecated in favor of `Rails.application.credentials` and will be removed in Rails 7.2.
      MSG
      @secrets ||= begin
        secrets = ActiveSupport::OrderedOptions.new
        files = config.paths["config/secrets"].existent
        files = files.reject { |path| path.end_with?(".enc") } unless config.read_encrypted_secrets
        secrets.merge! Rails::Secrets.parse(files, env: Rails.env)

        # Fallback to config.secret_key_base if secrets.secret_key_base isn't set
        secrets.secret_key_base ||= config.secret_key_base

        secrets
      end
    end

Sends any server called in the instance of a new application up to the server method defined in Rails::Railtie.

Source code GitHub
# File railties/lib/rails/application.rb, line 369
def server(&blk)
  self.class.server(&blk)
end

Protected instance methods

Source code GitHub
# File railties/lib/rails/application.rb, line 662
def ensure_generator_templates_added
  configured_paths = config.generators.templates
  configured_paths.unshift(*(paths["lib/templates"].existent - configured_paths))
end
Source code GitHub
# File railties/lib/rails/application.rb, line 652
def validate_secret_key_base(secret_key_base)
  if secret_key_base.is_a?(String) && secret_key_base.present?
    secret_key_base
  elsif secret_key_base
    raise ArgumentError, "`secret_key_base` for #{Rails.env} environment must be a type of String`"
  else
    raise ArgumentError, "Missing `secret_key_base` for '#{Rails.env}' environment, set this string with `bin/rails credentials:edit`"
  end
end

Namespace

Definition files