For example we have two rails applications. An old one, based on Rails 3, and a new one based on Rails 4. And we want to have access to our old Rails 3 session in the new Rails 4 application.
For this reason we need to go through these simple 3 steps.
1. Set the session in two apps for the same domain.
The first requirement that I want to mark out: your domain should be equal for the two applications. Subdomains may be different, but the domain must be the same.
Because of that, go into config/initializers/session_store.rb and write something like this:
These configs should be the same for two apps.
By default, a cookie, which goes through https conntection won’t be avaliable in http connection. See this for more details. It means that cookies won’t be avaliable through http connection, if they are used in https. So, I propose you to enable https in the 2nd app.
2. Change cookie serializer for the Rails 4 application
If we don’t change the serializer, Rails 4.1+ won’t have the ability to deserialize information in your cookie. You can read more about this at The improved cookies serializer.
3. Disable encryption for Rails 4.
After creation, your Rails 4 application will have a similar config/secrets.yml file:
And your old Rails 3 application doesn’t have a secrets.yml file. Instead of that, it has config/secret_token.rb file like this:
secret_key_base needs to encrypt the cookies for your rails application. Rails 3 doesn’t have this ability, so we need to just disable it in the Rails 4 app. You need to substitute the secret_key_base keyword with secret_token in rails 4 app. So, your new config/secrets.yml should looks like this:
This substitution disables encryption and enables signing for your session.
The token in two apps should be the same
I hope this topic will solve your problem. If something will go wrong or you have a question, you can leave a comment below. Thank you so much for reading.