Sinatra not persisting session with redirect on Chrome

Question

Sinatra is not persisting my session with a redirect on Chrome. It is creating an entirely new session and i'm losing all my previous session data.

As an example (similar to the Sinatra docs), i'm doing something like this:

enable :sessions

get '/foo' do
  session[:user_id] = 123
  session[:session_id] # "ABC", for example

  redirect to('/bar')
end

get '/bar' do
  # this is "DEF" when responding to Chrome (wrong), 
  # but "ABC" when responding to Firefox or Safari (right)
  session[:session_id]

  # this is nil when responding to Chrome (wrong),
  # but 123 when responding to Firefox or Safari (right)
  session[:user_id]
end

I'm thinking this has something to do with how the different browsers respond to handling the session after a redirect response. Has anyone seen something similar to this, or have any ideas on how to resolve this while still using sessions?

Thanks in advance!

Answer 1

Add this to your main app file: use Rack::Session::Cookie, :key => 'rack.session', :path => '/', :secret => 'some-random-string'

With that added, you should be able to assign session['whatever'] and have it work as expected.

Answer 2

By doing enable :sessions you just get access to session per request. Sinatra has no way to keep the reference to the previous call (your redirect) as it is treated as another request.

Thus, long story short:

set :session_secret, "SecureRandom.new(10) generated thing" enable :sessions

always use enable :sessions with a secret, otherwise your session is recreated every time rack sees a request.