Is it possible to persist a cookie after User login or multiple redirects?-CodePudding

I'm working on a flow where if the User is not logged in, I store a config hash in a cookie to be retrieved after the User logs in so the flow can continue.

starting controller:

def index
  if current_user.nil?
    cookies.signed[:config] = config

    redirect_to new_session_path
  end
end

SessionsController:

def new
  cookies.signed[:config].present? # true
end

def create
  # authentication logic

  redirect_to admin_users_path
end

Users controller:

def index
  cookies.signed[:config].present? # false
end

I can retrieve said cookie from the SessionsController new action after the first redirect, but after the User logs in and is redirected again to the final destination (create action), the cookie seems to be deleted because cookies.signed[:config] returns nil

I'm not deleting the cookie explicitly, and I've tried using session[:config] = config instead of cookies.signed but to the same result.

Is it possible to persist a cookie through multiple redirects or a User login?

Or do I have to set the cookie in each controller action so it is passed along until where I actually use it?

EDIT: The problem was that our generic login controller was under the subdomain app.ourapp.com while a logged in User was redirected to business.ourapp.com.

When no domain is specified during cookie creation, the request.domain is used by default so the cookie was never created for business.ourapp.com .

The fix was to pass a domain argument in the cookie creation so it was created for both app.ourapp.com and business.ourapp.com (cookies.signed(:cookie_name, domain: "ourapp.com")

CodePudding user response：

The problem was that our generic login controller was under the subdomain app.ourapp.com while a logged in User was redirected to business.ourapp.com.

When no domain is specified during cookie creation, the request.domain is used by default so the cookie was never created for business.ourapp.com .

The fix was to pass a domain argument in the cookie creation so it was created for both app.ourapp.com and business.ourapp.com (cookies.signed(:cookie_name, domain: "ourapp.com")