If the secret_key_base is nil in dev or test generate a key from random
bytes and store it in a tmp file. This prevents the app developers from
having to share / checkin the secret key for dev / test but also
maintains a key between app restarts in dev/test.

[CVE-2019-5420]
Co-Authored-By: Neileencodes <eileencodes@gmail.com>
Co-Authored-By: NJohn Hawthorn <john@hawthorn.email>