Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Why SessionID in ruby-on-rails web application is changing?


  • Please log in to reply

#1
ramesrocks

ramesrocks

    New Member

  • Member
  • Pip
  • 2 posts

I am having a doubt that why my SessionID is changing for each web page after login in ruby-on-rails web application. Generally SessionID will be constant for a user through out the session till the user logoff. But in my case its changing. I am using a ruby webapplication - assancart, I used a python code for getting the cookie data from the cookiejar.

The data in cookie I got it after login is:

BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTEzZjQ3MWVlYzFjYzEwMWM2MzRlNGYxYWUyYWFkMDVhBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMUNHNmQ0c3V3bGFKVXZnTE11cllEdEViQW1kTUh2QW8yYmxQV2ZIRTlxeGc9BjsARg%3D%3D--e7a7067f9124f0e9524ad580acd3461240df9a95

When I decode it, I got

{"session_id"=>"13f471eec1cc101c634e4f1ae2aad05a",
"_csrf_token"=>"CG6d4suwlaJUvgLMurYDtEbAmdMHvAo2blPWfHE9qxg="}

When I click a link in that page (after login) and again tried to read cookie, then I got cookie data as:

BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJWE1YzJhY2QyM2I1ZWJiZTZkNGJhODI2MTE5MDRhYjg2BjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMWVJdjZkWnE4QnJVeXFQV2JiUnZ4b1VqOWQwL2IzLzI1QThhRDJaRmo1MjQ9BjsARg%3D%3D--ffdc5c4a36a476d0b2f5ccf7917ca74a6687a42f

When I decode the above result, I got:

{"session_id"=>"a5c2acd23b5ebbe6d4ba82611904ab86",
"_csrf_token"=>"eIv6dZq8BrUyqPWbbRvxoUj9d0/b3/25A8aD2ZFj524="}

When I compare both the SessionID it differs, but SessionID must be same for throughout the login. Why it is happening to me like that.

Other thing I want to know is cookies will have session values also, but I am not getting that session values such as session role, etc etc, when I am reading cookie.

Can any one give me a answer for this?


  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP