Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Accessing the "session key" cookie name from anywhere in Rails

We are building a plugin for Rails to be used within iframe Facebook applications, and at one point we need to check if Rail's session id cookie as been set or not.

By default, this cookie is named _myprojectname_session, what we need to find out is the actual name of the cookie itself. So if it's not set, we can do some redirects to make sure the cookies are set.

How do we access the damn name of the cookie from anywhere? Or at least from within a controller?

like image 274
jimeh Avatar asked Jun 16 '09 13:06

jimeh


People also ask

What are cookies and sessions in rails?

Cookies, Sessions and Flashes are three special objects that Rails gives you in which each behave a lot like hashes. They are used to persist data between requests, whether until just the next request, until the browser is closed, or until a specified expiration has been reached.

What is an API session cookie?

The API attempts to authenticate the user given his/her credentials. If the user is successfully authenticated, then the API stashes the user’s ID in the session: That simple assignment sets a cookie in the response. In this case, the cookie contains the user’s unique ID. The session cookie is returned to the browser.

How do I know if a session has expired rails?

To identify a user’s session information, Rails stores a special secure and tamper-proof cookie on the user’s browser that contains their entire session hash (look for it in your developer tools, usually under the “Application” section) and it expires when the browser is closed.

How can I securely store information about a user in rails?

The tried-and-true Rails way of securely storing information about a user across requests is to use a session cookie. This is only viable if the API client is a browser, but we don’t have any plans to create a non-browser client for this API.


2 Answers

Rails.application.config.session_options[:key]
like image 119
Shamaoke Avatar answered Oct 24 '22 14:10

Shamaoke


I found the solution. In Rails 2.3.2 at least the session key in set in config/initializers/session_store.rb like this:

ActionController::Base.session = {
  :key         => '_myapp_session',
  :secret      => '[...]'
}

And you can read the value like this:

ActionController::Base.session_options[:key]

From Base.session to Base.session_options automagically, doesn't make much sense, and it caused me a big headache... lol

like image 40
jimeh Avatar answered Oct 24 '22 14:10

jimeh