I have a rails api only application <code>[config.api_only = true]</code> in which I enable the cookies through these following lines: in application.rb: <pre class="prettyprint"><code>config.middleware.insert_after ActionDispatch::ParamsParser, ActionDispatch::Cookies config.middleware.insert_after ActionDispatch::ParamsParser, ActionDispatch::Session::CookieStore </code></pre> in application_controller.rb <pre class="prettyprint"><code>include ActionController::Helpers include ActionController::Cookies </code></pre> I also added secret_token.rb as follows: <pre class="prettyprint"><code>Rails.application.config.secret_token = 'token' </code></pre> in my controller, I am trying to store the session like this: <pre class="prettyprint"><code>def index #other codes session[:userid] = useridstring render :text => session[:userid] end </code></pre> Note: however, after executing this in chrome, I am examining the cookie and none is set... then in the same controller, but in another action, I am trying to read the session like this: <pre class="prettyprint"><code>def readsession userId = session[:userid] render :text => userId end </code></pre> and nothing is rendered.. :( Is there anything I missed? I tried following the answer here which suggest that I set <code>config.api_only = false</code>, however the result is the same (I have no cookie set, and when read in another controller, session is still empty Sorry that it is such a basic question (or initial configuration matter), I am still very new in ruby and rails..

Since an API is always client independent, so it's best to use a token for authentication. Here's how: <ol> <li>Add a column called <code>token</code> in <code>users</code> table.</li> <li>A user comes and logs in. </li> <li>As he logs in, a token(a string of random characters) is generated, and saved in the database.</li> <li>The string is passed along as well, and any subsequent request will come with that token.</li> <li>Since each request comes with a token, you can check the token for its database existence, and association with the right user.</li> <li>As a user logs out, delete the token from the database.</li> </ol>

storing session in rails api application

I have a rails api only application [config.api_only = true] in which I enable the cookies through these following lines:

in application.rb:

config.middleware.insert_after ActionDispatch::ParamsParser, ActionDispatch::Cookies
config.middleware.insert_after ActionDispatch::ParamsParser, ActionDispatch::Session::CookieStore

in application_controller.rb

include ActionController::Helpers
include ActionController::Cookies

I also added secret_token.rb as follows:

Rails.application.config.secret_token = 'token'

in my controller, I am trying to store the session like this:

def index
    #other codes
    session[:userid] = useridstring
    render :text => session[:userid]
end

Note: however, after executing this in chrome, I am examining the cookie and none is set...

then in the same controller, but in another action, I am trying to read the session like this:

def readsession
    userId = session[:userid]
    render :text => userId
end

and nothing is rendered.. :(

Is there anything I missed?

I tried following the answer here which suggest that I set config.api_only = false, however the result is the same (I have no cookie set, and when read in another controller, session is still empty

Sorry that it is such a basic question (or initial configuration matter), I am still very new in ruby and rails..

How are sessions stored in Rails?

Rails will create a new record in your sessions table with a random session ID (say, 09497d46978bf6f32265fefb5cc52264 ). It'll store {current_user_id: 1} (Base64-encoded) in the data attribute of that record. And it'll return the generated session ID, 09497d46978bf6f32265fefb5cc52264 , to the browser using Set-Cookie .

Where does Rails store session data?

The session is only available in the controller and the view and can use one of a number of different storage mechanisms: ActionDispatch::Session::CookieStore - Stores everything on the client. ActionDispatch::Session::CacheStore - Stores the data in the Rails cache.

How do sessions and cookies work in Rails?

Cookies, Sessions and Flashes are three special objects that Rails gives you in which each behave a lot like hashes. They are used to persist data between requests, whether until just the next request, until the browser is closed, or until a specified expiration has been reached.

What is REST API in Rails?

REST stands for REpresentational State Transfer and describes resources (in our case URLs) on which we can perform actions. CRUD , which stands for Create, Read, Update, Delete, are the actions that we perform. Although, in Rails, REST and CRUD are bestest buddies, the two can work fine on their own.

Since an API is always client independent, so it's best to use a token for authentication.

Here's how:

Add a column called token in users table.
A user comes and logs in.
As he logs in, a token(a string of random characters) is generated, and saved in the database.
The string is passed along as well, and any subsequent request will come with that token.
Since each request comes with a token, you can check the token for its database existence, and association with the right user.
As a user logs out, delete the token from the database.

storing session in rails api application

Tags:

ruby

ruby-on-rails

cookies

session

session-cookies

Jenny Kim

People also ask

1 Answers

Arslan Ali

Recent Activity

Donate For Us

storing session in rails api application

Tags:

ruby

ruby-on-rails

cookies

session

session-cookies

Jenny Kim

People also ask

1 Answers

Arslan Ali

Related questions

Recent Activity

Donate For Us