devise_token_auth icon indicating copy to clipboard operation
devise_token_auth copied to clipboard

Published 20 hours ago verified publisher icon lynndylanhurley

Persistent cookie may be unauthenticated

Open rickygu opened this issue 6 years ago • 5 comments

I'm using

"ng-token-auth": "^0.0.30",
"angular-cookie": "^4.1.0"

with

devise_token_auth (0.1.42)

I have an angular cordova app which I want the user to be always signed in unless they sign out. I have devise_token_auth.rb set to

config.token_lifespan = 999.years

and checking the client side cookie it says the cookie expiry unix time 33045606682, which is year 3017. However my client apps would still get 401 Unauthorized once in a while. I haven't been able to reproduce it consistently on when I would get a 401, but it has happened a few times. Just wondering if anyone knows if there may be other factors I haven't looked at that can cause the client side to be unauthenticated?

rickygu avatar Mar 05 '18 07:03 rickygu

I had issues like this when I had config.change_headers_on_each_request set to true @rickygu . Have you tried turning this option off and seeing if you still have the problem?

zachfeldman avatar Mar 05 '18 13:03 zachfeldman

@zachfeldman my change_headers_on_each_request is already set to false. I found the performance hit on true was too high and it was buggy when I have burst of request.

rickygu avatar Mar 06 '18 03:03 rickygu

Hmm I don't have a ton of ideas then...

zachfeldman avatar Mar 06 '18 14:03 zachfeldman

I have the same problem with the same version devise_token_auth (0.1.42) @rickygu , you find a solution for this?

jaimearroyonavia avatar Nov 21 '18 01:11 jaimearroyonavia

@rickygu @kensk8 Quick question, were y'all just seeing this in a Cordova app? I'm curious what you mean about a "Persistent cookie". It's my understanding that cookies don't work in Cordova. Also, we just added cookie support in #1453 .

theblang avatar Apr 14 '21 23:04 theblang