how can we have a Rails application without a session expiring automatically within specific period of time.
Or if the question can't bring a clear picture, is it okay to just delete the the line expire_after: 3.day,
from
config.middleware.use(
ActionDispatch::Session::CookieStore,
key: '_myApp_session',
expire_after: 3.day,
serializer: :json
)
not to expires the session automatically?
Thanks in advance
CodePudding user response:
ActionDispatch::Session::CookieStore extends this class from Rack https://rubydoc.info/gems/rack/Rack/Session/Abstract/Persisted which sets the deafult expire_after to nil, which in reality is 20 years from the moment the cookie gets saved, so deleting the option should give you a somewhat permament by default cookie. However cookies already saved before the change, will still expire after the period specified, only after getting saved with new option they will become permament.