Cookie session problem

[mobilemindtec]

Hi,

I'm have problemas with cookie session:

ENV OTP_VERSION 20.3
ENV CHICAGOBOSS_VERSION 0.9-beta2

    {session_adapter, mock},
    {session_key, "_boss_session"},
    {session_exp_time, 525600},
    {session_cookie_http_only, true},
    {session_cookie_secure, false},
    {session_enable, true},

The cookie is being created in a strange way as shown:

What could be wrong? Thanks!

[Shpaky]

HI!
Did you solve the problem?

[mobilemindtec]

Hi,

I had to use version 1.9 of erlang to work.

[Shpaky]

Hi!
Please pay attention, CB of last version have 'cowboy' dependence '2.6.1':

https://github.com/ChicagoBoss/ChicagoBoss/blob/0.9-beta2/rebar.config#L32

Old versions of CB have 'cowboy' dependence '1.0.3':

https://github.com/ChicagoBoss/ChicagoBoss/blob/v0.9-beta1/rebar.config#L32

Maybe you form cookies use outside tools, for example 'mochiweb_cookies' and set their in headers of response?
In this case you should look to invokes chain:

https://github.com/ChicagoBoss/ChicagoBoss/blob/master/src/boss/boss_simple_bridge_handler.erl#L27
->
https://github.com/nitrogen/simple_bridge/blob/d4fc5d10716317bc0a21abab94d84965a620598d/src/sbw.erl#L506
->
https://github.com/nitrogen/simple_bridge/blob/d4fc5d10716317bc0a21abab94d84965a620598d/src/cowboy_bridge_modules/cowboy_simple_bridge.erl#L182
->
https://github.com/nitrogen/simple_bridge/blob/d4fc5d10716317bc0a21abab94d84965a620598d/src/cowboy_bridge_modules/cowboy_simple_bridge.erl#L231
->
https://github.com/nitrogen/simple_bridge/blob/d4fc5d10716317bc0a21abab94d84965a620598d/src/cowboy_bridge_modules/cowboy_simple_bridge.erl#L276
->
https://github.com/ninenines/cowboy/blob/master/src/cowboy_req.erl#L718

Since '2.0.0-pre.4' version, cowboy 'Req' instance transformed from list of tuples to maps.

ninenines/cowboy@2.0.0-pre.3...2.0.0-pre.4#diff-35690b7e376fd28ead17b68765249f6ff7223669751e55176342f592273dc161R569

[mobilemindtec]

Hi,

No, I'm use only boss_session:set_session_data(SessionID, logged_user, User). boss_web_controller_handle_request uses mochiweb_cookies:cookie. This is the problem?

boss_web_controller_handle_request:add_session_to_headers

add_session_to_headers(Req, Headers, SessionID) ->
    SessionExpTime    = boss_session:get_session_exp_time(),
    CookieOptions    = [
                        {domain, boss_env:get_env(session_domain, undefined)},
                        {path, "/"},
                        {max_age, SessionExpTime},
                        {secure, boss_env:get_env(session_cookie_secure, false)},
                        {http_only, boss_env:get_env(session_cookie_http_only, true)}
                       ],
    SessionKey        = boss_session:get_session_key(),
    lists:merge(Headers, [mochiweb_cookies:cookie(SessionKey, SessionID, CookieOptions)]).

[mobilemindtec]

boss add set-cookie in headers, but on new version of cowboy need set in Res#response.cookies. Right?