What does “skip session storage” mean in the Motto jewel?

Question

What does “skip session storage” mean in the Motto jewel?

I read the self-education initializer file (config / initializers / deviser.rb) and have difficulty understanding this part.

# By default Devise will store the user in session. You can skip storage for # :http_auth and :token_auth by adding those symbols to the array below. # Notice that if you are skipping storage for all authentication paths, you # may want to disable generating routes to Devise sessions controller by # passing :skip => :sessions to `devise_for` in your config/routes.rb config.skip_session_storage = [:http_auth]

The reason I'm considering this is because I am trying to use api-based authentication on tokens, in which case I need to change this configuration line to:

 config.skip_session_storage = [:http_auth, :token_auth]

Can someone explain what the comments say?

+8

authentication ruby-on-rails devise

Vlad Jan 23 '14 at 3:23

source share

2 answers

user3069437 · Answer 1 · 2014-01-23T04:52:43+0000

Simply put, he tells Devise not to store the user in the session. Here is another explanation:

skip_session_storage +: By default, Devise will store the user in the session. You can skip storage for http and the auth token by adding values to the :: skip_session_storage => [: token_auth] or: skip_session_storage => [: http_auth ,: token_auth] array, the default value is skip_session_storage => [: http_auth].

Devise :: Models :: Authenticatable

For your goals and objectives, I will disable session caching using Warden / Devise; I believe this interfered with some APIs (don't take my word for it). Hope this helps.

nsarno · Answer 2 · 2014-08-30T09:29:11+0000

 # Notice that if you are skipping storage for all authentication paths, you # may want to disable generating routes to Devise sessions controller by # passing :skip => :sessions to `devise_for` in your config/routes.rb

This part indicates that if you turn off the use of sessions for all authentication methods, for example, on the following line:

 config.skip_session_storage = [:http_auth, :token_auth]

then you don’t need routes to sessions automatically generated by devise_for by default. Therefore, you should add the following to config/routes.rb :

 devise_for :users, :skip => :sessions

Hope this helps.

What does “skip session storage” mean in the Motto jewel?

More articles: