Session become empty when using sinatra app #11

Open
arunagw opened this Issue Dec 15, 2012 · 4 comments

Comments

Projects
None yet
4 participants

arunagw commented Dec 15, 2012

Found something which needs to be looked.

Example: A sinatra app with having :session, true as a configuration.

this will reset session as {} and an error raised on our callback_phase method where we are checking raise OmniAuth::NoSessionError.new("Session Expired") if session['oauth'].nil?

Any idea??

Without session config in sinatra it contains

{"oauth"=>{"twitter"=>{"callback_confirmed"=>true, "request_token"=>"some token", "request_secret"=>"some secret"}}}

related issue here arunagw/omniauth-twitter#42

mftaher commented Jan 8, 2013

is there any update on this issue? I'm unable to connect to twitter second time when I logout; unless restarting the server, doesn't make any sense ...

danlo commented Aug 5, 2014

+1 ran into this problem; but for linked in.

arunagw referenced this issue in arunagw/omniauth-twitter Aug 20, 2014

Closed

"@sessions" does not exist #82

hcai commented Nov 20, 2014

@danlo have you figured out for linkedin yet?

danlo commented Dec 9, 2014

@hcai I wasn't able to figure it out; and it still plauges me. I think that devise (and I can't find where) does a reset_session. (I grep'd the code). I want to avoid the session fixation attack; so I'm thinking about rolling my own session just to by-pass the session_id changing.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment