Devise Part 2: Using Redis Sessions Instead Of The Cookie Store
Published: Mar 7, 2022
Last updated: Mar 7, 2022
In the previous post
Today, we will take that one step further by swapping out the default cookie store to use Redis instead.
Source code can be found here
Prerequisites
- Basic familiarity with setting up a new Rails project
. - Redis
should be setup and running.
Getting started
We will be working from the source code found here
# Clone and change into the project $ git clone https://github.com/okeeffed/demo-rails-7-with-devise-series $ cd demo-rails-7-with-devise-series $ git checkout 1-setting-up-devise # Create required files $ touch config/initializers/session_store.rb # Add required gems $ bundler add redis-rails
Configuring our store to use Redis
There really isn't too much too this other than setting up an initializer.
Inside of config/initializers/session_store.rb
, we will be adding the following:
Rails.application.config.session_store :redis_store, servers: ['redis://localhost:6379/0/session'], expire_after: 90.minutes, key: '_demo_devise_omniauth_react_session'
At this point, we can boot up our server with bin/rails s
.
Monitoring our changes to Redis
To see what is happening with the Redis store, you can run redis-cli monitor
in another terminal to see what is happening.
Go back to our flow of signing in and out of the app. If you haven't created an account from part one, do so now in order to do it.
$ redis-cli monitor OK 1646385148.623807 [0 [::1]:49436] "get" "session:2::69618aacfcd4737514bd0d540b73ccc2020b5f98a192c2baa38fda2c7618f8e0" 1646385148.880797 [0 [::1]:49436] "del" "session:2612c5dbfddbd05a599133f36b8aef68" 1646385148.883186 [0 [::1]:49436] "del" "session:2::69618aacfcd4737514bd0d540b73ccc2020b5f98a192c2baa38fda2c7618f8e0" 1646385148.884397 [0 [::1]:49436] "setex" "session:2::ecb8e65b0cdda7092604b3b3b66873202cec32d1ca1af8f589eddfde63022cdb" "5400" "\x04\b{\aI\"\x19warden.user.user.key\x06:\x06ET[\a[\x06i\x06I\"\"$2a$12$OVcvnckKRbDKK5UEPZubl.\x06;\x00TI\"\nflash\x06;\x00T{\aI\"\x0cdiscard\x06;\x00T[\x00I\"\x0cflashes\x06;\x00T{\x06I\"\x0bnotice\x06;\x00FI\"\x1cSigned in successfully.\x06;\x00T" 1646385148.905098 [0 [::1]:49436] "get" "session:2::ecb8e65b0cdda7092604b3b3b66873202cec32d1ca1af8f589eddfde63022cdb" 1646385148.920525 [0 [::1]:49436] "setex" "session:2::ecb8e65b0cdda7092604b3b3b66873202cec32d1ca1af8f589eddfde63022cdb" "5400" "\x04\b{\bI\"\x19warden.user.user.key\x06:\x06ET[\a[\x06i\x06I\"\"$2a$12$OVcvnckKRbDKK5UEPZubl.\x06;\x00TI\"\nflash\x06;\x00T{\aI\"\x0cdiscard\x06;\x00T[\x00I\"\x0cflashes\x06;\x00T{\x06I\"\x0bnotice\x06;\x00FI\"\x1cSigned in successfully.\x06;\x00TI\"\x10_csrf_token\x06;\x00FI\"0vS4dc826i_YDuGX6PGKHyHCLQp7fsUw_KiXsMByvdMs\x06;\x00F"
Above is the example of some local logs that come up when I am logging in and out of the app.
If you reload the page you will still be signed in and you'll notice more requests are made to the redis-cli monitor
terminal.
Flushing out sessions
One of the benefits of Redis session storage is that you have full control over the session.
If you run redis-cli flushdb
in another terminal and then reload the page, you'll notice that the session has been removed and you'll be redirected to log in once again. This is one of the benefits of that control.
Summary
This part of the devise login tutorial is very short and straight-forward.
In the next post we will be looking to add Tailwind
Resources and further reading
Photo credit: pawel_czerwinski
Dennis O'Keeffe
Melbourne, Australia
1,200+ PEOPLE ALREADY JOINED ❤️️
Get fresh posts + news direct to your inbox.
No spam. We only send you relevant content.
Devise Part 2: Using Redis Sessions Instead Of The Cookie Store
Introduction