Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Omniauth Session expires when browser is closed

Tags:

authentication

ruby-on-rails

session

login

omniauth

In my rails 3 app I use Omniauth for the user authentication part (fb/twitter).

Actually I follow this:

https://github.com/RailsApps/rails3-mongoid-omniauth

https://github.com/RailsApps/rails3-mongoid-omniauth/wiki/Tutorial

But, when I close the browser session expires and I need to login again. How can I keep the session for returning users?

Any help would be greatly appreciated!

like image 662
Lamp Avatar asked Feb 06 '12 22:02

Lamp

3 Answers

What you want is not difficult, you only have to set a permanent cookie when the session is created and then retrieve this value when you set the current user.

In your ApplicationController, just change your current_user method to:

def current_user
  return unless cookies.signed[:permanent_user_id] || session[:user_id]
  begin
    @current_user ||= User.find(cookies.signed[:permanent_user_id] || session[:user_id])
  rescue Mongoid::Errors::DocumentNotFound
    nil
  end
end

And in your SessionsController, modify your create to set the cookie if user wants to:

def create
  auth = request.env["omniauth.auth"]
  user = User.where(:provider => auth['provider'], 
                    :uid => auth['uid']).first || User.create_with_omniauth(auth)
  session[:user_id] = user.id
  cookies.permanent.signed[:permanent_user_id] = user.id if user.really_wants_to_be_permanently_remembered
  redirect_to root_url, :notice => "Signed in!"
end
like image 120
David Avatar answered Oct 22 '22 07:10

David

Devise offers this functionality through its Rememberable module. OmniAuth integrates easily with it through the (you'd never guess it) OmniAuth module. It's even mentioned in the second link you posted!

like image 33
andrew.rockwell Avatar answered Oct 22 '22 07:10

andrew.rockwell

Please make sure the cookie policy that your rails app follows does have sensible settings for your use case (see the link in my comment above). All I can imagine right now (knowing what I know, sitting where I sit) is that the cookie(s) ha(s/ve) properties that are suboptimal/undesirable in your context.

Please check the cookie settings in a browser debug/development tool such as firebug, firecookie or the chrome development tools.

Sorry, that's all I can come up with given my knowledge of the problem. Feel free to contact me again with more details on your cookie- and testing-setup.

My 2Cents.

like image 1
mkro Avatar answered Oct 22 '22 08:10

mkro
Sign in to Comment

Related questions

Redirect all outgoing emails to single address for testing
HAML in Rails 3 produces only doctype html
What can I do about Mechanize waiting on an unresponsive web site?
Rails Logic in controllers?
PDFkit doesn't display pictures in PDF
Rails 3 actionmail OpenSSL::SSL::SSLError
form for nested resource
Can I use update_all on array?
Rendering a partial in assets
ActiveAdmin and in-place edit
"rvm rubygems current" vs "rvm update --system" vs "gem update rubygems-update"
Rails validating that password_confirmation is present when password is also present or has been changed
run multi delayed_job instances per RAILS_ENV
Rails, how do you access the raw request data at the absolute lowest level?
ROR return JSON with 406 Not Acceptable error
How to set a display name for a field in Rails
Working on a legacy Rails application
named routes from string with object
Better way to build has_one association or update if it exists
Foreman running guard with color ouput

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!