Prevent session creation on rails 3.2.2 for RESTful api
https://stackoverflow.com/questions/10717667
-
10-06-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
How can i prevent the session store from creating a session on JSON/XML calls ?
My problem is that i save sessions in a database and it gets flooded on multiple api calls.
I'm using Rails 3.2.2 and Devise for authentication.
Solution
My problem here was with Warden inside Devise. I had to "tell" Warden not to store the user in the session after the user is authenticated.
resource = warden.authenticate!(:scope => resource_name, :store => !(request.format.xml? || request.format.json?))
Hope that helps whoever sees this thread.
OTHER TIPS
resource = warden.authenticate!(:scope => resource_name, :store => is_navigational_format?)
in theory if you don't use it, it is not loaded now. up until rails 2.3.8, you could do:
# application_controller.rb
session :off, :if => :sessionless_request?
protected
def sessionless_request?(request)
request.format == :xml || request.format == :json
end
now you can do the same with this gem https://github.com/kares/session_off
You should use "devise :timeoutable" in your model and use config.timeout_in = 0 in config/initializers/devise.rb
Restart your server!
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
