Reputation: 905
Rails / Devise: Set session and cookies without creating a User?
I want to create a session and set cookies for that session-instance.
Especially in order to associate different anonymous requests to a browser (or to multiple browsers on one machine each, respectively) and in order to be able to be GDPR compliant.
There is basically no need to create an instance of a User model for this. It would suffice to keep track of the sessions in, say, ActiveRecord::SessionStore.
The documentation says that a database table is necessary in order to keep track of the sessions obviously.
Devise doesn't provide the possibility to create bare Sessions, right?
So I have to resort to ActiveRecord::SessionStore::Session and ActiveRecord::SessionStore to create bare sessions... (?)
Would it be viable to use both Rails and Devise sessions? Rails sessions for anonymous requests as stated above and Devise sessions for logged in users. I don't see the conflict here.
If it weren't for the fact that both Devise sessions and Rails sessions of the current request are both available through a session[]-Hash.
I don't know, if I create a name-collision, when I begin to use Rails Sessions with Devise Sessions for logged-in users.
So much, I appreciate every answer.
Von Spotz
Upvotes: 0
Views: 1162
Answers (1)
Reputation: 10099
The devise gem is designed to work with a User model and assumes there will be a record in that table. What I think you want is to not authenticate with devise as far as devise knows.
To use devise, somewhere you have something like this:
before_action :authenticate_user!
in your controllers. You need to simply not include this in the controllers where you want to skip the devise authentication. If this is in the base ApplicationController then you might use skip_before_action or only use the before_action above in those controllers where you want authentication.
The session is managed by rails and not devise. (Actually it is managed by the rack layer.) So you won't have any problems using the session hash and it will be unique for the session.
Upvotes: 1
Related Questions
- Rails : Secure Session Cookies
- Cookies without authentication ? (and cookie value)
- How to manually create a new user and user session in Devise?
- Devise sessions for multiple users
- How to set cookies when log in/out with Devise
- How do sessions and cookies work in Rails?
- Rails ActiveRecord store and new session
- Devise - how does it set session cookies?
- How can I logoff a specific user in a Devise powered Rails app?
- How to set a session for a user while using devise gem