Reputation: 6045
user_id in session not set when I decode the base64 cookie?
def create
user = User.find_by_email(params[:email])
if user && user.authenticate(params[:password])
session[:foo] = "bar"
session[:user_id] = user.id
redirect_to root_url, notice: "Signed in!"
else
flash.now[:error] = "Email or password is invalid."
render "new"
end
end
When I decode the base64 cookie, I get:
{I"session_id:EFI"%14cd484a34917f7d923ef8222c16e0e1;TI"foo;FI"bar;FI"_csrf_token;FI"1ajWlOZok1Amp8Nh9uOdUWzeM20b873zocEbyiR+b1ao=;FI"user_id;Fi }
How come the my session[:foo] is set but not my session[:user_id] ?
Upvotes: 0
Views: 698
Answers (1)
Reputation: 84132
Looks to me that it is set, but the value of user_id is such that it's Marshal.dump output (which is what a cookie stores) is a non printable or whitespace character. If you're interested in why only user_id is affected in this way you'd have to look into the details of the marshal format (which doesn't appear to be widely documented). I'd guess that with integers ruby basically spits out the byte value(s), which will often result in unprintables.
I don't know how you're doing that base64 decode, but if you do it in a ruby console then the default output of inspect does show non printable characters
Upvotes: 1
Related Questions
- Rails reading cookies returns a string instead of an object
- Rails 3 session & cookie how to persist session id cookie
- Weird behavior with session cookies
- user_Id Session Secure ? Hartl
- Decode a signed cookie in rails?
- Sessions and user_id in rails
- Session hash in rails turning into a string
- How to load Rails Session from session_id?
- Why can't a Rails session cookie be Base64 decoded completely?
- Rails cookie being set, session variable in cookie readable, session not readable