Setting cookie name
vizo opened this issue · 4 comments
If i set cookie name (key)
Rails.application.config.session_store :mongoid_store, key: :session
session is recreated on every request. How can i fix this?
@vizo oh that's odd. Not using the key prop myself, would have to create a test for that if it's not there already. Will see if I can find some time soon to look at it. Thanks for reporting!
@vizo can you specify which versions you're using of Rails, mongo_session_store, and if you're using any other gems like Devise?
@tombruijn and @vizo, we noticed the same issue when we deploy new instances of LocomotiveCMS. A new session on every request which prevents our authentication mechanism to work. And our key is set too.
Versions: Rails 5.1.6 + last version of mongo_session_store (3.1.0) + Devise 4.4.1
Thanks!
@did @vizo I've seen this happen in the app I'm working on when the authenticated object is not persisted. For example we created a dummy user object and signed in with that.
class DummyUser < User
def save
false
end
end
class ApplicationController
# ...
before_action :sign_in_third_party_sso_if_present
def sign_in_third_party_sso_if_present
return unless third_party_identifier
sign_in DummyUser.new(:third_party_identifier => third_party_identifier)
end
endSince the DummyUser was not persisted a new "id" would be generated for the instance every time this DummyUser would be signed in. When navigating to another page the DummyUser's id would have changed and the Devise wouldn't be able to match it anymore.
Could that be what's happening here?
Does this behavior also happen when you don't set the session store key?
I cannot reproduce this in the example apps in this repo (spec/support/apps) or the app I'm working on. It would be great if you could provide an example app in which this happens so I can fix this.