Comments (6)
@sthyregod you'd put this in your session model. Could do something like this:
class UserSession < Authlogic::Session::Base
secure !!Rails.application.config.force_ssl
end
(NB I think force_ssl
will be removed in Rails 6.1)
from authlogic.
.. having it mentioned in the Readme might help ..
PRs welcome
from authlogic.
Firefox on local network does not create credentials cookie when 'remember_me' is ticked. Login is thus not remembered cross-session.
Assuming your development is non-HTTPS, have you tried disabling SSL-only remember-me cookies for development? e.g. UserSession.secure = false
authlogic/lib/authlogic/session/base.rb
Lines 938 to 946 in a857ebf
from authlogic.
The behaviour is the same as before as far as I can see. I believe the line should be inserted into the app/config/environments/development.rb
file? I'm new to Rails from C# MVC, so I'm not completely accustomed to the structure yet.
I came to think, I expect having two separate Session models wouldn't interfere with eachother, e.g. creating the mentioned problem. For example having a CustomerSession
for a Customer
model and a UserSession
for a User
model.
from authlogic.
That does it! Credentials cookie is set as expected and when destroying the session the cookie is successfully deleted.
Question is, should anything be done to help others who might become stuck with the same problem? Maybe it's a niche problem, but having it mentioned in the Readme might help (along with what's necessary in 6.1 - of what I saw when looking it up they'd only remove force_ssl
on the controller level though. It should still work on the application level).
from authlogic.
👏 for @tiegz's solution above. Had the same issue when debugging locally and not running a dev server with ssl. Consider adding a note to the README.
from authlogic.
Related Issues (20)
- Hashing ascii values vs bytes with SHA512 HOT 3
- Support for SameSite: "None" cookies HOT 1
- No changelog for 6.1.0 HOT 4
- Ruby 2.7 warnings HOT 2
- Password#password_changed? returns true when transitioning crypto providers HOT 4
- Raise an error if database connection is not established before using acts_as_authentic
- Thread Safety HOT 1
- Ruby 2.7 warnings even in 6.1.0 (but not in master) HOT 2
- There isn't Git tag for v5.2.0. HOT 1
- Rubydoc for Authlogic is broken HOT 1
- When logging out from inside an iframe the `user_credentials` cookie doesn't get deleted in chromium based browsers. HOT 1
- Upgrade dependencies to accept Rails 7 HOT 10
- Eliminating a deprecation warning in Rails 7.0 HOT 3
- Wrong error message when valid email format of not existing user and fake password provided HOT 1
- NameError - wrong constant name Object.const_get(camel_cased_word) HOT 1
- Reference documentation (rubydoc) is broken HOT 1
- NameError: `@' is not allowed as an instance variable name HOT 5
- Authlogic is incompatible with Minitest v5.19.0 and later HOT 3
- Incompatible with Rails 7.1 HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from authlogic.