Open phlegx opened 3 years ago
The stored path is deleted after the sign in / redirect. Since there's no other intention of using that value (it's goal is to know if we should redirect back to the attempted path when not signed in), there's no real reason to keep it in the session.
If you have some application need that requires to know that path, I'd recommend stashing it on a separate/different key on your application then.
Other than that, I don't see anything else that'd cause the session to be a problem there, even with API only... if the above doesn't apply to your case, can you please provide a sample app showing the problem?
Hi @carlosantoniodasilva! Thx for your response.
Also if I set session[:my_custom_redirect_to] = '/en'
. Before login action this session key is nil.
class SessionsController < Devise::SessionsController
before_action :test
def test
p session[:my_custom_redirect_to]
end
# ...
end
@phlegx and what happens if you remove Devise from the equation, just your Rails API app configured with the session stuff, can you still set session values and retrieve them, etc? Honestly there's nothing special that Devise would do with the session, it's up to the app to configure it, which makes me believe this may not be Devise specific.
If you're unable to reproduce without Devise, please provide a sample app showing the issue with it, and I can try to help investigate further.
I'd resolved this issue in my app by removing the following line from my application.rb I'd had it left over from previous API only work when I wanted to re-enable cookies.
config.middleware.use ActionDispatch::Session::CookieStore
Environment
Current behavior
I use custom failure app:
And the failure app class:
If I disable my failure app (devise config), the problem persists. So, it is not a problem of my failure app.
I use Rails as API only and I have set:
and
I check the session id on every action and the id's are always the same.
Cookie store
The default Devise failure app don't set the cookie in the response.
Expected behavior
Session key
session[:user_return_to]
should remain set for the next request.