Phoenix Token get_key_base design

In the Phoenix.Token module on line 202, the get_key_base function looks for the secret_key_base by searching for it in the endpoint module config. I was wondering why it does not just look for the secret_key_base in the conn struct. Is there a problem with running conn.secret_key_base in this function, or is there some other reason for this decision?

1 Like

Could just be old code.

Also is it safe for the secret_key_base to be on conn? o.O

The code is perfectly fine, but I was wondering if there was any special reason not to use the secret_key_base in the conn struct (which is what Plug sessions do).

I’m using a trimmed down version of it in a library I’m working on, so that’s why I was asking.