Welcome to Working With Rails

 

Discussion Forums

Discuss all things Ruby on Rails with perhaps the web's most vibrant group of Ruby on Rails enthusiasts.
Session in Rails_API gem
2 Posts
Session in Rails_API gem

In API's we generally do not use session based authentication. You should rather use an access token based solution. In your examples I don't see the request which you send to the API with the Cookie header. I guess the error is the lack of the Cookie header.

5319381fac0e775e5b2168650aae1e01
Forum Rating: 100
Sign In To Rate Post

Hi Rails Guru, Currently I am working i my project, and that project using rails_api gem. I want to add session management for authentication, but it seems the session does not working. Here is my configuration in config/initializer/session_store.rb:

Pmcapi::Application.config.session_store :cookie_store, {

key: '_pmcapi_session', 
expire_after: 1.hour

}

And I add config.api_only = false in application.rb (http://stackoverflow.com/questions/15342710/adding-cookie-session-store-back-to-rails-api-app)

and in my session_controller, I adding session to store token

(in session_controller.rb)

def create
  #just to generate new token
  user.reset_sso_token!
  session[:token] ||= user.sso_token
  self.current_user = user
  redirect_to root_path
end

when i am in application_controller, i want to access session[:token] but the result is nil (in application_controller.rb)

def authenticate_user!
  #puts("User Authentication")
  #puts(request.authorization)
  #puts(request)
  @user = User.authenticate_with_token(session[:token])
  #head :unauthorized unless @user.present?
  redirect_to sign_in_path if @user.nil?
end

Please, i need help. I have stucked with this, thanks

Last Edited by ari-el-muhandiz at 23 Sep 23:38
2 Posts
Login to add your message