CraftCMS cookieValidationKey 必须配置密钥

Question

我正在使用 CraftCMS，但收到此错误：

\n

Invalid Configuration \xe2\x80\x93 yii\\base\\InvalidConfigException\ncraft\\web\\Request::cookieValidationKey must be configured with a secret key.\n

\n

较长的错误是：

\n

1. in /code/vendor/yiisoft/yii2/web/Request.phpat line 1678\n1669167016711672167316741675167616771678167916801681168216831684168516861687     * Converts `$_COOKIE` into an array of [[Cookie]].\n     * @return array the cookies obtained from request\n     * @throws InvalidConfigException if [[cookieValidationKey]] is not set when [[enableCookieValidation]] is true\n     */\n    protected function loadCookies()\n    {\n        $cookies = [];\n        if ($this->enableCookieValidation) {\n            if ($this->cookieValidationKey == '') {\n                throw new InvalidConfigException(get_class($this) . '::cookieValidationKey must be configured with a secret key.');\n            }\n            foreach ($_COOKIE as $name => $value) {\n                if (!is_string($value)) {\n                    continue;\n                }\n                $data = Yii::$app->getSecurity()->validateData($value, $this->cookieValidationKey);\n                if ($data === false) {\n                    continue;\n                }\n

\n

我的 .env 文件是这样的：

\n

# The environment Craft is currently running in ("dev", "staging", "production", etc.)\nENVIRONMENT="dev"\n\n# The application ID used to to uniquely store session and cache data, mutex locks, and more\nAPP_ID="CraftCMS"\n\n# The secure key Craft will use for hashing and encrypting data\nSECURITY_KEY="xxxxxxxx"\n\n# The database driver that will be used ("mysql" or "pgsql")\nDB_DRIVER="mysql"\n\n# The database server name or IP address\nDB_SERVER="mariadb"\n\n# The port to connect to the database with\nDB_PORT="3306"\n\n# The name of the database to select\nDB_DATABASE="dev_craftcms"\n\n# The database username to connect with\nDB_USER="root"\n\n# The database password to connect with\nDB_PASSWORD="abc123"\n\n# The database schema that will be used (PostgreSQL only)\nDB_SCHEMA=""\n\n# The prefix that should be added to generated table names (only necessary if multiple things are sharing the same database)\nDB_TABLE_PREFIX=""\n\nDEFAULT_SITE_URL="http://www.amira.local/"\n

\n

我错过了什么吗？

\n

Answer 1

您的 env 文件只是存储这些秘密的地方，因此它们不会提交给源代码控制，Craft 不会自动直接从那里提取值。在此，安全密钥在 Craft 的通用配置文件中设置config/general.php，应设置为：

    // The secure key Craft will use for hashing and encrypting data
    'securityKey' => getenv('SECURITY_KEY'),

我怀疑它没有在通用配置中设置，所以你会得到一个错误。顺便说一句xxxxxxxxx，这不是很安全，我建议在那里使用强密码。