added a generate:secret_token task, and added an initializer to generate one if the file does not exist

.gitignore

@@ -17,3 +17,4 @@ public/uploads/*
 config/app_config.yml
 bin/*
 nbproject
+config/initializers/secret_token.rb

config/initializers/check_session_secret.rb

@@ -0,0 +1,5 @@
+unless File.exists?( File.join(Rails.root, 'config', 'initializers', 'secret_token.rb'))
+  `rake generate:secret_token`
+   require  File.join(Rails.root, 'config', 'initializers', 'secret_token.rb')
+end
+

config/initializers/secret_token.rb

@@ -8,4 +8,4 @@
 # If you change this key, all old signed cookies will become invalid!
 # Make sure the secret is at least 30 characters and all random,
 # no regular words or you'll be exposed to dictionary attacks.
-Rails.application.config.secret_token = 'ea08916110cae7f10fe9e1f7c7cb8c1fee13c3c3bee35180ac3061c370bd9ad985f28fcf2eb5f5684d0d618855efdeb862918628e994ed3e7fc806777428ef40'
+Rails.application.config.secret_token = '3484b78b0f9d88f40cd44a20cf647140e5900632d0c9b85e1fd91dc539811d243f2f0756f791019c'

lib/tasks/generate_session_secret.rake

@@ -0,0 +1,26 @@
+namespace :generate do
+  desc 'Generates a Session Secret Token'
+  task :secret_token do
+
+  path = File.join(Rails.root, 'config', 'initializers', 'secret_token.rb')
+  secret = ActiveSupport::SecureRandom.hex(40)
+  File.open(path, 'w') do |f|
+    f.write <<"EOF"
+#   Copyright (c) 2010, Diaspora Inc.  This file is
+#   licensed under the Affero General Public License version 3.  See
+#   the COPYRIGHT file.
+
+# Be sure to restart your server when you modify this file.
+
+# Your secret key for verifying the integrity of signed cookies.
+# If you change this key, all old signed cookies will become invalid!
+# Make sure the secret is at least 30 characters and all random,
+# no regular words or you'll be exposed to dictionary attacks.
+Rails.application.config.secret_token = '#{secret}'
+EOF
+
+puts "YAY!!"
+end
+
+  end
+end