0

how can we have a Rails application without a session expiring automatically within specific period of time. Or if the question can't bring a clear picture, is it okay to just delete the the line expire_after: 3.day, from

config.middleware.use(
      ActionDispatch::Session::CookieStore,
      key: '_myApp_session',
      expire_after: 3.day,
      serializer: :json

  )

not to expires the session automatically?

Thanks in advance

Pema Namgay
  • 25
  • 3

1 Answers1

1

ActionDispatch::Session::CookieStore extends this class from Rack https://rubydoc.info/gems/rack/Rack/Session/Abstract/Persisted which sets the deafult expire_after to nil, which in reality is 20 years from the moment the cookie gets saved, so deleting the option should give you a somewhat permament by default cookie. However cookies already saved before the change, will still expire after the period specified, only after getting saved with new option they will become permament.

kkp
  • 436
  • 4
  • 11
  • Thank you so much for the insights @kkp, in conclusion what I get from your words is that if we don't include `expire_after:` option, it will set to a default which is nil or 20 years from now. And form the link(https://rubydoc.info/gems/rack/Rack/Session/Abstract/Persisted), expire_after: is a cookies option and it is okay to include or not. if I got wrong, sorry to help me agiain :) thanks! – Pema Namgay Jul 19 '22 at 13:29
  • You got it right, it is okey to not include this attribute, it is optional – kkp Jul 20 '22 at 07:16