0

I've made a Padrino app that has one single password for accessing the admin page. I'm using the following helpers for the authorization.

```ruby
# Check if the user is authenticated.
def authenticated?(opts = {})
  if session["cooly"] != options.session_secret
    redirect url(opts[:send_to] || :login)
  end
end

# Create a new session.
def authenticate!
  session["cooly"] ||= 0
  session["cooly"] = options.session_secret
end
```

Right now, when I exit my browser, the session goes away and I have to log in again. How do I keep the session?

Ethan Turkeltaub

3 Answers

1

Make sure you have the session_secret in your app:

```ruby
set :session_secret, 'fc29ce0f33f0c8cde13f3'
```

DAddYE

0

The answer was to make non-expiring cookies.

```ruby
# Check if the user is authenticated.
def authenticated?(opts = {})
  if session["cooly"] == options.session_secret || request.cookies["cooly"] == options.session_secret
    return true
  else
    redirect url(opts[:send_to] || :login)
  end
end

# Create a new session.
def authenticate!
  session["cooly"] ||= 0
  session["cooly"] = options.session_secret

  expiration_date = 10.year.from_now

  response.set_cookie('cooly', :value => options.session_secret, :expires => expiration_date)
end
```
Ethan Turkeltaub
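
Added example, not part of any answer on this page: the long-lived `cooly` cookie above carries `session_secret` itself to the browser, so this sketch shows a persistent-login cookie that holds only an expiry and an HMAC over it. `REMEMBER_KEY`, `REMEMBER_TTL` and all function names are hypothetical, and the key is a constructed value assumed to be kept separate from `session_secret`.

```ruby
require 'openssl'

# Assumption: a server-side key separate from session_secret (constructed value).
REMEMBER_KEY = 'constructed-demo-key-not-for-production'
REMEMBER_TTL = 30 * 24 * 3600 # assumed lifetime in seconds (30 days)

# HMAC over the expiry, bound to the cookie name used on this page.
def sign(expiry, key)
  OpenSSL::HMAC.hexdigest('SHA256', key, "cooly:#{expiry}")
end

# Token format "<unix expiry>.<hex HMAC>"; no secret is sent to the browser.
def issue_remember_token(key, now: Time.now, ttl: REMEMBER_TTL)
  expiry = now.to_i + ttl
  "#{expiry}.#{sign(expiry, key)}"
end

# Constant-time comparison so the MAC check does not leak through timing.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Accept only well-formed, correctly signed, unexpired tokens.
def valid_remember_token?(token, key, now: Time.now)
  expiry, mac = token.to_s.split('.', 2)
  return false unless expiry.to_s.match?(/\A\d+\z/) && mac
  return false unless secure_equal?(mac, sign(expiry, key))
  expiry.to_i > now.to_i
end

# Options hash suitable for response.set_cookie('cooly', ...).
def remember_cookie(key, now: Time.now)
  token = issue_remember_token(key, now: now)
  expiry = token.split('.', 2).first.to_i
  { value: token, expires: Time.at(expiry), path: '/',
    httponly: true, secure: true, same_site: :strict }
end
```

In the helpers above, `authenticate!` would pass `remember_cookie(key)` to `response.set_cookie('cooly', ...)` and `authenticated?` would call `valid_remember_token?(request.cookies['cooly'], key)`. Changing the key invalidates every outstanding cookie.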
-1

Check out: https://gist.github.com/977690 and that should resolve the issue.

nesquena