gitcoinco / code_fund_ads

CodeFund is an open source platform that helps fund maintainers, bloggers, and builders through non-tracking ethical ads
https://codefund.io
GNU Affero General Public License v3.0

Make session work without caching-dev.txt #1313

Closed woto closed 4 years ago

woto commented 4 years ago

Type of PR

Description

In the absence of caching-dev.txt, cache_store initializes as :null_store, and later, when it is used as the session store, it simply disables Rails session functionality. As a result, there is no way to perform almost any action that relies on the Rails CSRF security mechanism.

Checklist

coderberry commented 4 years ago

@hopsoft can you take a look at this when you get a chance?

andrewmcodes commented 4 years ago

@coderberry I'll take a look - need to test a few things

woto commented 4 years ago

@andrewmcodes No, all is correct. But like a typical developer, I didn't read the instructions (joking). I read them, but successfully ignored the step:

bundle exec rails dev:cache

as I perceived this step as optional.

It is recommended to develop with Rails cache enabled.

This application relies heavily on caching and may not work properly without the cache enabled.

And then I delved into the guts of ActionController::RequestForgeryProtection to realize why I was unable to log in. At least with this change, we can log in to the backend, as opposed to nothing. I think if you are against this change, then this installation step in the documentation should be made obligatory. Agree with me?
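The failure described in the PR description and in the comment above, as an added example that is not part of the original thread or the project's code: a simplified pure-Ruby model of a cache-backed session and a CSRF check modeled on ActionController::RequestForgeryProtection (token masking omitted). NullStore, MemoryStore, App and login_roundtrip are hypothetical names, and the session id is constructed.

```ruby
require "securerandom"

# Simplified stand-ins for ActiveSupport's :null_store and :memory_store.
class NullStore
  def read(_key); nil; end            # nothing is ever found
  def write(_key, _value); true; end  # the value is silently discarded
end

class MemoryStore
  def initialize; @data = {}; end
  def read(key); @data[key]; end
  def write(key, value); @data[key] = value; end
end

# Hypothetical minimal app: the session lives in the cache store, keyed by
# the session id that the browser sends back in its cookie.
class App
  def initialize(store); @store = store; end

  # GET: render the form with the session's CSRF token embedded in it.
  def get_form(sid)
    with_session(sid) { |s| real_csrf_token(s) }
  end

  # POST: accept only if the submitted token matches the session's token.
  def post_form(sid, submitted)
    with_session(sid) { |s| secure_compare(real_csrf_token(s), submitted) }
  end

  private

  def with_session(sid)
    session = @store.read(sid) || {}  # load (always empty with NullStore)
    result = yield session
    @store.write(sid, session)        # persist (a no-op with NullStore)
    result
  end

  # The token is created on first use and kept in the session.
  def real_csrf_token(session)
    session[:_csrf_token] ||= SecureRandom.base64(32)
  end

  def secure_compare(a, b)
    a.bytesize == b.bytesize &&
      a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
  end
end

# One GET followed by one POST that submits the token from the form.
def login_roundtrip(store)
  app = App.new(store)
  sid = SecureRandom.hex(16)  # constructed session id
  app.post_form(sid, app.get_form(sid))
end
```

With MemoryStore the round trip is accepted; with NullStore every request starts from an empty session, so the POST is compared against a freshly generated token and is rejected.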

andrewmcodes commented 4 years ago

@all-contributors please add @woto for code

allcontributors[bot] commented 4 years ago

@andrewmcodes

I've put up a pull request to add @woto! :tada:

woto commented 4 years ago

@andrewmcodes Cool, thanks. I'm looking forward to the weekend to discover more about this project, because of my interest in this area.