Rails5 app loses session after capistrano deploy to Passenger / Apache env, works fine on Rails 4

Question

I manage a dozen or so Rails apps that all use Capistrano & Passenger.

I noticed that when I deploy an update to a Rails 5 app users get logged out, i.e. the session is lost. Apps that use Rails 4 or earlier don't, users stay logged in ; the session handling is all cookies in all cases (defaults).

I this related to different versions of Rails or Passenger ? Any ideas how to fix it ?

Here is the deploy.rb piece:

namespace :deploy do

  desc 'Restart application'
  task :restart do
    on roles(:app), in: :sequence, wait: 5 do
      execute :mkdir, '-p', "#{release_path}/tmp"
      execute :touch, release_path.join('tmp/restart.txt')
    end
  end

  after :publishing, :restart
end

and I am using

  * capistrano (3.13.0)
  * capistrano-bundler (1.6.0)
  * capistrano-rails (1.1.8)
  * capistrano-rails-console (2.3.0)
  * capistrano-rvm (0.1.2)

To deploy: cap production deploy

Thanks in advance for your help. Patrick

Answer 1

I think my problem was due to a change in Rails 5.2, the introduction of master.key and credentials.yml.enc to take over from secrets.yml

Because the Rails 5 app I created was using 5.2, the generator did not create a secrets.yml file anymore - but also the master.key setting was not enabled:

  # config.require_master_key = true

I assume that as a result of this Rails used some transient key to sign the cookies - which changed whenever the server was restarted.

I have now re-added config/secrets.yml to my project and from my testing it seems the problem has disappeared.