0

I have an AngularJS application running along with a Rails backend. The Rails creates a cookie during authentication process, and I have to check if this cookie exists on my AngularJS to know if the user is still logged in.

The problem is: Even though both applications (rails and angular) are in the same domain, I can't access the cookie inside AngularJS.

I tried "$cookies.getAll()" and it returns "Object{}".I tried "document.cookie.split(";")", but it returns "[""]".

If I create a cookie with the same content inside my AngularJS code, I am able to have access to it, but since the cookie is created inside Rails, it never gets available to me.

How can I have access to this cookie?

Cœur
  • 37,241
  • 25
  • 195
  • 267
Alexander Rumanovsk
  • 2,043
  • 4
  • 21
  • 33
  • Which method are you using to authenticate? Bear in mind Rails will encrypt its cookies in most scenarios, and thus they cannot be plainly read by outside applications, regardless of domain. What do you see when you inspect the Rails generated cookie using the browser? – Augusto Samamé Barrientos May 30 '16 at 20:44
  • BTW, are you sure we are talking about cookies? When you indicate "cookie is created inside Rails" are you sure you are not talking about sessions? Sessions are in-memory constructs that cannot be shared between Rails and any outside platforms like an AngularJS app. Cookies on the other hand, can be potentially cross-platform as they bits of information that are saved in the browser and can be readily accessed by everything and everyone, provided they are decrypted if they were encrypted in the first place. – Augusto Samamé Barrientos May 30 '16 at 20:51
  • We're using oauth2 to authenticate. Here is the code: "Rails.application.config.session_store :cookie_store, key: 'keytest', domain: :all" – Alexander Rumanovsk May 30 '16 at 20:51
  • Will [this](http://stackoverflow.com/questions/17982868/angularjs-best-practice-for-ensure-user-is-logged-in-or-out-using-cookiestore) link work as suggestion? Basically you don't share cookie, but making a server call from Angular to Rails app to ensure user is logged in and then store it in Angular. – Pavel Bulanov May 30 '16 at 20:58
  • oauth2 will sign the cookies when authenticating and will store them in the browser. Therefore you will have to access the browser cookie in AngularJS and decrypt it to access its contents. You can use a method analogous to this one: http://stackoverflow.com/questions/35013568/rails-4-how-to-decrypt-rails-4-session-cookie-given-the-session-key-and-secret – Augusto Samamé Barrientos May 30 '16 at 21:23
  • First confirm that you can see the cookie in the browser. In Chrome just check if you can see the Rails generated cookie in the Resources - Cookies Tab of the developer tools pane. – Augusto Samamé Barrientos May 30 '16 at 21:27
  • Yes, I can see the cookie in chrome resources. I just can't access it in my Angular code. – Alexander Rumanovsk May 31 '16 at 13:49

0 Answers0