Files
codeocean/config/initializers/session_store.rb
2022-09-06 13:28:12 +02:00

25 lines
776 B
Ruby

# frozen_string_literal: true
# Be sure to restart your server when you modify this file.
def self.cookie_prefix
if (Rails.env.production? || Rails.env.staging?) \
&& Rails.application.config.relative_url_root == '/'
'__Host-'
elsif Rails.env.production? || Rails.env.staging?
'__Secure-'
else
''
end
end
Rails.application.config.session_store :cookie_store,
key: "#{cookie_prefix}CodeOcean-Session",
expire_after: 1.month,
secure: Rails.env.production? || Rails.env.staging?,
path: Rails.application.config.relative_url_root,
# Signing in through LTI won't work with `SameSite=Strict`
# as the cookie is not sent when accessing the `implement` route
# following the LTI launch initiated by the LMS as a third party.
same_site: :lax