apoorv-2204
Setting Module Attributes in endpoint during compile time for Environment (could not fetch application environment)
Hi there Elixir Community,
IN the phoenix Endpoint, I want to have different session options for dev environment and the production environment, like setting cookie secure, etc.
Issue I am facing is when I use Application.get_env or Application.fetch_env it gives warning and CI fails ,
the Warning: is discouraged in the module body, use Application.compile_env/3 instead
When I use Compile env I get this error.
* (ArgumentError) could not fetch application environment [AdminWeb.Endpoint, :session_options] for application :admin because the application was not loaded nor configured
(elixir 1.14.4) lib/application.ex:602: Application.compile_env!/3
lib/admin_web/endpoint.ex:5: (module)
(elixir 1.14.4) lib/kernel/parallel_compiler.ex:340: anonymous fn/5 in Kernel.ParallelCompiler.spawn_workers/7
Elixir
I have two apps in umbrella
AdminWeb and ServiceProviderWeb
Code for AdminWeb ,ServiceProvider
defmodule AdminWeb.Endpoint do
@moduledoc false
use Phoenix.Endpoint, otp_app: :admin
@session_options Application.compile_env!(:admin, [__MODULE__, :session_options])
socket("/admin/live", Phoenix.LiveView.Socket,
websocket: [connect_info: [session: @session_options]]
)
#other lines omitted
plug(Plug.Session, @session_options)
end
defmodule ServiceProvider.Endpoint do
@moduledoc false
use Phoenix.Endpoint, otp_app: :service_provider
@session_options Application.compile_env!(:service_provider, [__MODULE__, :session_options])
socket("/service_provider/live", Phoenix.LiveView.Socket,
websocket: [connect_info: [session: @session_options]]
)
plug(Plug.Session, @session_options)
end
dev.exs
config :admin, AdminWeb.Endpoint,
server: true,
http: [port: 4001],
debug_errors: true,
code_reloader: true,
check_origin: false,
watchers: [
node: [
"node_modules/webpack/bin/webpack.js",
"--mode",
"development",
cd: Path.expand("../apps/admin/assets", __DIR__)
]
],
live_reload: [
patterns: [
~r"priv/static/.*(js|css|png|jpeg|jpg|gif|svg)$",
~r"priv/gettext/.*(po)$",
~r"lib/admin_web/.*(ex)$",
~r"lib/admin_web/.*(eex)$",
~r"lib/admin_web/.*(heex)$"
],
url: "/admin/phoenix/live_reload/socket"
],
session_options: [
max_age: 120 * 60 * 60,
store: AdminWeb.Session.Store,
key: "_a_dev_web_key_",
signing_salt: "rand_Contatvalie"
]
config :service_provider, ServiceProvider.Endpoint,
server: true,
http: [port: 4003],
debug_errors: true,
code_reloader: true,
check_origin: false,
watchers: [
node: [
"node_modules/webpack/bin/webpack.js",
"--mode",
"development",
cd: Path.expand("../apps/service_provider/assets", __DIR__)
]
],
live_reload: [
patterns: [
~r"priv/static/.*(js|css|png|jpeg|jpg|gif|svg)$",
~r"priv/gettext/.*(po)$",
~r"lib/service_provider/.*(ex)$",
~r"lib/service_provider/.*(eex)$",
~r"lib/service_provider/.*(heex)$"
],
url: "/service_provider/phoenix/live_reload/socket"
],
session_options: [
store: :cookie,
key: "_sp_dev_web_key_",
signing_salt: "rand_Constant tvallue",
max_age: 120 * 60 * 60
]
Prod.exs
config :admin, AdminWeb.Endpoint,
cache_static_manifest: "priv/static/cache_manifest.json",
session_options: [
max_age: 120 * 60 * 60,
store: AdminWeb.Session.Store,
key: "_a_web_key_",
signing_salt: "random_sallt",
secure: true,
http_only: true,
sign: true
]
config :service_provider, ServiceProvider.Endpoint,
cache_static_manifest: "priv/static/cache_manifest.json",
session_options: [
store: :cookie,
key: "_sp_web_key_",
signing_salt: "random_sallt",
max_age: 120 * 60 * 60,
secure: true,
http_only: true,
sign: true,encrypt: true
]
`My questions`
Q1. What is the solution for it, what mistake I am making?.What wrong settings I have done here?
Q2. Are dev.exs and prod.exs executed once on compilation? so can i use `Base.encode64(:crypto.strong_rand_bytes(64), padding: false)` for `signing_salt`.
Q3. what are the generral best practices tips that you guys can share?
Most Liked
gushonorato
Hey @apoorv-2204
Q1. What is the solution for it, what mistake I am making?.What wrong settings I have done here?
The problem is that Application.compile_env!/3 does not accept a list as an argument. Instead, you should do the following: @session_options Application.compile_env!(:admin, ServiceProvider.Endpoint) |> Keyword.fetch!(:session_options)
Q2. Are dev.exs and prod.exs executed once on compilation? so can i use
Base.encode64(:crypto.strong_rand_bytes(64), padding: false)forsigning_salt.
You must not use Base.encode64/2 to generate the signing_salt in this way. If you do so, a new signing_salt will be generated with each deployment, and all sessions will be invalidated in production every time the application is deployed.
Q3. what are the generral best practices tips that you guys can share?
You can use any signing_salt for development and store it hardcoded in your dev.exs file. However, for production, it is not recommended to store the signing_salt hardcoded in version-controlled files. Instead, store it as an environment variable and load it in config/runtime.exs.
# config/runtime.exs
signing_salt =
System.get_env("SESSION_SIGNING_SALT") ||
raise "SESSION_SIGNING_SALT environment variable is not set"
config :admin, AdminWeb.Endpoint,
session_options: [
max_age: 120 * 60 * 60,
store: AdminWeb.Session.Store,
key: "_a_dev_web_key_",
signing_salt: signing_salt
]
Popular in Discussions
Other popular topics
Categories:
Sub Categories:
Forums
Popular Tags
- #ecto
- #liveview
- #troubleshooting
- #learning-elixir
- #deployment
- #library
- #erlang
- #testing
- #genserver
- #mix
- #absinthe
- #remote-other
- #otp
- #plug
- #how-to-question
- #macros
- #postgres
- #channels
- #elixirconf
- #exunit
- #discussion
- #code-sync
- #javascript
- #podcasts
- #onsite
- #dialyzer
- #docker
- #authentication
- #umbrella
- #full-time-contract
- #podcasts-by-brainlid
- #ecto-query
- #elixir-ls
- #phoenix_html
- #iex
- #blog-post
- #graphql
- #genstage
- #ai
- #websockets
- #supervisor
- #advent-of-code
- #elixirconf-us
- #distillery
- #processes
- #forms
- #api
- #metaprogramming
- #security
- #performance









