2 files changed, 7 insertions, 1 deletions

diff --git a/app.js b/app.js
index 69abdd8..d4461db 100644
--- a/app.js
+++ b/app.js
@@ -20,7 +20,7 @@ mongoose.connection.on('error', function(err) {
 
 // persistence (for sessions)
 app.use(session({
-    secret: 'Very secret',
+    secret: config.session_secret,
     store: new MongoStore({ mongooseConnection: mongoose.connection }),
     name: 'rvssid',
     saveUninitialized: false,
diff --git a/config.js b/config.js
index a3400b8..372c542 100644
--- a/config.js
+++ b/config.js
@@ -11,3 +11,9 @@ exports.port = 3000;
  * Mongoose connection URI.
  */
 exports.dburi = 'mongodb://localhost/rvs';
+
+/**
+ * Secret which signs session ID cookies.
+ * https://github.com/expressjs/session#secret
+ */
+exports.session_secret = 'Very safe. Much secret. Wow.';