Ruby-on-rails – How to dynamically set the expiry time for a cookie-based session in Rails

ruby-on-rails

I'm currently using the ActiveRecord-based session store for my Rails app and I have a background process which clears out inactive sessions every 30 minutes.

I'd like to switch to Rails' new cookie-based session store but how do I set the expiry time of the session to 30 minutes, as opposed to the default 'at end of session' value?

Best Answer

I stumbled across this question after a conversation in the office. Just for the sake of completeness, I've discovered that it is possible to expire sessions after a period of inactivity and it's built into Rails. In config/environment.rb, do something along the lines of:

config.action_controller.session = {
  :key          => 'whatever',
  :secret       => 'nottellingyou',
  :expire_after => 30.minutes
}

Check out lib/action_controller/session/cookie_store.rb#114 for the (apparently undocumented) option in action. Looks like it's been around since the move to Rack sessions back in December 2008.

Option 1: reconfigure pfSense

When configuring OpenVPN in pfSense, the field "DNS Default Domain" is passed to the client as the "search" domain. If that field is unchecked or left blank, OpenVPN passes "dhcp-option DOMAIN openvpn" which causes resolv.conf to look like this, which does not help:

search openvpn
nameserver 10.10.160.45
nameserver 8.8.8.8

Our solution was to set "DNS Default Domain" to simply a dot: ".".

Screenshot of the DNS Default Domain field set to a dot in pfSense

This causes resolv.conf to look like this, which works!

search .
nameserver 10.10.160.45
nameserver 8.8.8.8

I can now ping with short hostnames.

mac:~  $ ping web2
PING web2 (10.10.160.6) 56(84) bytes of data.
64 bytes from web2 (10.10.160.6): icmp_req=1 ttl=64 time=0.380 ms

This is an easy solution since it doesn't require each client to be reconfigured.

Option 2: reconfigure Mac OS X

I have not tried it, but it may be possible to reconfigure Apple's DNS resolver to not append search domains, causing it, I believe, to act more like Ubuntu. It appears that something changed in Lion or Mountain Lion, causing MAC OS X DNS to not work as expected.

Option 3: reconfigure OpenVPN

It appears pfSense simply passes the "DNS Default Domain" field to OpenVPN, which adds it as a push configuration option like this:

dhcp-option DOMAIN company.com

If DOMAIN is unset, OpenVPN causes it to be set to "openvpn". This is not a pfSense issue.

IMO, it'd be nice if OpenVPN could be configured (or I could learn how to configure it) to not force DOMAIN to be set. In theory, this would cause the search domain to remain unset in resolv.conf and would allow use of short hostnames.

Ruby-on-rails – How to get the current absolute URL in Ruby on Rails

For Rails 3.2 or Rails 4+

You should use request.original_url to get the current URL. Source code on current repo found here.

This method is documented at original_url method, but if you're curious, the implementation is:

def original_url
  base_url + original_fullpath
end

For Rails 3:

You can write "#{request.protocol}#{request.host_with_port}#{request.fullpath}", since request.url is now deprecated.

For Rails 2:

You can write request.url instead of request.request_uri. This combines the protocol (usually http://) with the host, and request_uri to give you the full address.