Persistent Cookies and Sessions

dubstep · April 1, 2012, 6:44pm

I’m having an issue with Rails version 3.0.9 and trying to get
persistent cookies to stay for the existing session. I want a 1 year
expire on all sessions as a default.

My existing code in my session_store.rb is this:

MyApplicationName::Application.config.session_store :cookie_store

MyApplicationName::Application.config.session = {

:key => ‘_myapp_name_session’,
:path => ‘/’,
:domain => nil,
:expire_after => 1.years.from_now.utc,
:secure => false,
:httponly => true,
:cookie_only => true,
:secret => ‘myLongSecretCode’

}

my Curent User is defined in application controller as:

def current_user
@current_user ||= User.find_by_id(session[:user_id])
end

I have checked my site in firefox using firecookie and it shows the
cookie as session only and after I close the browser and reopen the
browser, I have to log in again.

How do I make this persistent?

Thank you.

dgm · April 1, 2012, 6:45pm

Also, I forgot to add I’m using Bcrypt for password authentication. I’m
not sure if that makes a difference or not.

dgm · April 2, 2012, 12:56pm

One bump. I have not heard from anyone in 19 hours. Thanks.

dgm · April 2, 2012, 6:38pm

GIYF:

Search term was ‘rails session config’, second result seems to indicate
that this expire_after option is no longer in the Active Record Session:

Walter

dgm · April 2, 2012, 7:52pm

Walter D. wrote in post #1054653:

GIYF:

Search term was ‘rails session config’, second result seems to indicate
that this expire_after option is no longer in the Active Record Session:

Setting session timeout in Rails 3 - Stack Overflow

Walter

Thanks for the reply Walter, but I ended up testing another route by
going to the session_store.rb and placing in:

MyApplication::Application.config.session_store :active_record_store,
:key => ‘_my_key’, :expire_after => 2.hours

which allowed me to use the database instead. I then ran:

bundle exec rake db:sessions:create
bundle exec rake db:migrate

And, after logging into IE and into Firefox, the sessions hold after the
browser is closed. I looked at the cookies with Firecookie and saw the
following:

_my_key Expires: Timestamp with 2 hours later

So, the expire_after works fine with Rails 3.0.10 which is what I’m
using now. I just have to create a sweep routine to clean up the
database when necessary;

(per ruby on rails guides - section 2.9 session expiry)