Set Rails Account/Remember Cookie after Omniauth login

[mdodell]

Hey @janko,

Another question - I use cookie-based authentication in an API-only app, which works great for basic password/login signup. I then make a call to another endpoint that simply just returns the current_user for persistence.

This same route doesn't work for Omniauth login. Do I need to do anything special after Omniauth in order to set the rails_account variable/remember cookie?

[janko]

Hmm, OmniAuth login should log in the account in the exact same way as password login, which is to store account_id in the session. The rails_account method simply retrieves the account from the account_id stored in the session.

Note that a remember cookie is something else, it's a cookie separate from the Rails session, which persists after the browser is closed (unlike Rails' session cookie). It stores a token for the account, to be retrieved when the Rails session expires, and used to log in the user again. I'm not sure if that plays a role in the issue you're describing, but OmniAuth login calls the after_login hook, so the user should get remembered as expected.

[mdodell]

Hey @janko - it turns out this was due to my settings, as I was not hitting the callback route properly.

After my callback, I want to have a redirect back to my FE app. What is the best way to do that?

I tried configuring login_redirect in my Rodauth app, but to no success, as well as tried using redirect_to in the after_login callback.

[janko]

If you're writing an API-only app, the callback URL should point to the frontend app, which should then make the API request to the backend's callback endpoint (see instructions). At that point you're in your frontend app, so you can decide where you want to redirect to.