Application and actioncable will not share cookie

Question

Application and actioncable will not share cookie

I use the program for authentication, but when I implemented my method, I got "An unauthorized connection attempt was rejected"

After several hours of searching, I found out that:

cookies.signed['user.id']

returns nil. In the next block of code.

 def find_verified_user if verified_user = User.find_by(id: cookies.signed['user.id']) verified_user else reject_unauthorized_connection end end

I checked and there is definitely a cookie, but it does not contain the cookie data set by Devise.

To check if "user.id" is actually set, I bring it up in the view. This, as a rule, returns the user ID

 Signed in as @#{cookies.signed[:username]}. - raise(cookies.signed['user.id'].inspect) %br/ %br/ #messages %br/ %br/ = form_for :message, url: messages_path, remote: true, id: 'messages-form' do |f| = f.label :body, 'Enter a message:' %br/ = f.text_field :body %br/ = f.submit 'Send message'

My question / question:

The cookie seems to be unavailable on the actioncable server.
Is there a way to share a cookie using Devise with a cable server?

https://github.com/stsc3000/actioncable-chat.git

+8

ruby cookies ruby-on-rails-4 devise actioncable

Bas de ruiter Dec 24 '15 at 13:23

source share

4 answers

Pwnrar · Answer 1 · 2016-01-25T00:18:23+0000

Check the client JavaScript file that connects to the Action Cable server. In some tutorials, you added this to "app / assets / javascripts / application_cable.coffee" and others to "app / assets / javascripts / channels / index.coffee, but it looks like this:

 #= require cable @App = {} App.cable = Cable.createConsumer("ws://cable.example.com:28080")

You need the WebSocket address to point to your cable server, and that address must share the cookie namespace with the rest of your application. Most likely, your indicates a wrong place, so for example, if you are working on it locally, you will need to change:

 App.cable = Cable.createConsumer("ws://cable.example.com:28080")

to

 App.cable = Cable.createConsumer("ws://localhost:28080")

assuming, of course, that your cable server is running on port 28080 (specified in the bin / cable executable). Also be sure to clear the browser cache, so the updated file is the one used by the browser.

Felix ramirez · Answer 2 · 2016-04-19T13:49:19+0000

Not sure if this works for you, but I had the same problem with Rails 5.0.0.beta3. I have not changed to the following line:

 App.cable = Cable.createConsumer("ws://localhost:3000")

I saved it as it was before

  @App ||= {} App.cable = ActionCable.createConsumer()

But what I changed is related to Cookies. No matter what . The cookie for my user_id will not be displayed. So I did the job. I got a cookie to save the username instead, then I was finally able to see it in a call to the find_verified_user function.

After the user logs in (# create sessions), I call a helper function:

 sessions_helper.rb def set_cookie(user) the_username = user.username.to_s cookies.permanent.signed[:username] = the_username end

New find_verified_user

  def find_verified_user if current_user = User.find_by_username(cookies.signed[:username]) current_user else reject_unauthorized_connection end end

This may or may not be the best solution, but after several hours of embarrassment and disappointment, it worked for my situation. Hope this helps someone.

Marcelo austria · Answer 3 · 2019-08-19T06:38:21+0000

You need to configure in config / initializers / session_store.rb

 # using cookie store if Rails.env.production? # to share across subdomains Rails.application.config.session_store :cookie_store, key: '_app_name_session', domain: ".example.com" else # to share with any domain Rails.application.config.session_store :cookie_store, key: '_app_name_session', domain: :all, tld_length: 2 end #for redis store elsif Rails.env.production? # to share across subdomains Rails.application.config.session_store :redis_store, { servers: [ { host: YourRedisHost, port: YourRedisPort}, ], key: '_app_name_session', expire_after: 1.day, domain: '.example.com' } else # to share with any domain Rails.application.config.session_store :redis_store, { servers: [ { host: YourRedisHost, port: YourRedisPort}, ], key: '_app_name_session', expire_after: 1.day, domain: :all, tld_length: 2 } end

Jeni · Answer 4 · 2019-01-11T20:34:56+0000

The problem I discovered is this: I have 2 different users logged in. One logged on at 127.0.0.1, and the other logged on to the local host. so when I log in to my website using 127.0.0.1∗000, but my cable is configured to work on the local host as follows:

  config.action_cable.url = "ws://localhost:3000/cable"

in config / environments / development.rb

the user logged in at 127.0.0.1 makes a cable request to "ws: // localhost: 3000 / cable" (as configured), but in this way the cookie saved for localhost is sent even if I make a request with 127.0. 0.1, which is another user (or no user at all).

So the bottom root is what Pwnrar points to, the configuration of the cable address and the way you access your website.

Thus, in order to solve this problem, always go to your website using the server address configured for your cable, otherwise cookies will be mixed.

Application and actioncable will not share cookie

My question / question:

More articles: