Skip to content


Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Rack middleware to log in from a "remember me" cookie.
branch: master

Fetching latest commit…

Cannot retrieve the latest commit at this time

Failed to load latest commit information.

Rack::DeviseCookieAuth Build Status Dependency Status Code Climate

Rack::DeviseCookieAuth allows to log-in from a Devise remember-me token stored in a cookie.

It depends on Active::Support >= 4.0.0 and is tested against Ruby 1.9.3, 2.0.0 and the latest versions of Rubinius & JRuby.


Add this line to your application's Gemfile (probably in the :production group only):

gem 'rack-devise_cookie_auth'

And then execute:

$ bundle

Basic Usage

If you don't use Bundler, be sure to require Rack::DeviseCookieAuth manually before actually using the middleware:

 require 'rack/devise_cookie_auth'
 use Rack::DeviseCookieAuth, secret: 'YOUR_SESSION_SECRET'

To use Rack::DeviseCookieAuth in your Rails application, add the following line to your application config file (config/application.rb or config/environments/production.rb) for Rails 4:

config.middleware.use Rack::DeviseCookieAuth, secret: 'YOUR_SESSION_SECRET'

# or if you're using Rack::Cache, be sure to insert Rack::DeviseCookieAuth before
config.middleware.insert_before Rack::Cache, Rack::DeviseCookieAuth, secret: 'YOUR_SESSION_SECRET'

Please note that the :secret option is mandatory and can normally be found in the 'config/initializers/secret_token.rb' file of your Rails app.


Resource name

By default, the middleware will look for the user resource cookie named "remember_user_token" but if want to use authenticate againts another resource name you can set it with the :resource option:

config.middleware.use Rack::DeviseCookieAuth, secret: 'YOUR_SESSION_SECRET', resource: 'admin'

Redirection URL

By default, the middleware will redirect to the root path of the current domain but you can customize the redirection path with the :redirect_to option:

# It can be a path...
config.middleware.use Rack::DeviseCookieAuth, secret: 'YOUR_SESSION_SECRET', redirect_to: '/login'

# ... or a full URL
config.middleware.use Rack::DeviseCookieAuth, secret: 'YOUR_SESSION_SECRET', redirect_to: ''


Pull requests are very welcome! Please try to follow these simple rules if applicable:

  • Please create a topic branch for every separate change you make.
  • Make sure your patches are well tested.
  • Update the README.
  • Update the CHANGELOG for noteworthy changes.
  • Please do not change the version number.



Something went wrong with that request. Please try again.