search

stevepolitodesign / rails-authentication-from-scratch

A step-by-step guide on how to build your own authentication system in Rails from scratch.
https://stevepolito.design/blog/rails-authentication-from-scratch/
222 stars 32 forks source link

Do not use `permanent` when reading from cookies #91

Closed fredplante closed 1 year ago

fredplante commented 1 year ago

When we want to store a permanent cookies, we have to use the permanent accessor. When reading, this is not needed. See documentation :

This jar is only meant for writing. You'll read permanent cookies through the regular accessor.

When we want to check for a cookie existence, instead of doing:

cookies.encrypted[:remember_token].present?

we can do just:

cookies[:remember_token]

fredplante commented 1 year ago

@stevepolitodesign CI fixed in https://github.com/stevepolitodesign/rails-authentication-from-scratch/pull/92

You might want to merge the other first, then I'll rebase this one