roganjoshua

roganjoshua

I am trying to set a cookie that is permanent until changed

The problem I am trying to solve is this:

There is no authenticated or session user per se, just the browser.
When someone lands on the page I ask them to select a train station as their home train station. I want to store this somewhere, cookie?, so that when they return, that station will be their home station, until they change it.

It isn’t really a session thing, since their is no authentication, I am trying to make it as effortless for the user as possible.

Or is it better to just store it in session anyway?

Most Liked

garrison

garrison

Session has two meanings here:

First, there is the Plug.Session which is a k/v store (often called a Session in webdev) which stores data either in a cookie on the client (Plug.Session.COOKIE) or in an :ets table (Plug.Session.ETS).

Then, there is what is termed a “session cookie”, which is a cookie with no expiry set. When you set a cookie with no expiry (or max-age), the browser will delete that cookie “when it feels like it”, which is usually when the window or browser is closed (but not always).

If you use Plug.Session out of the box, you are probably using the Plug.Session.COOKIE store with the default settings. The default max-age for the Plug.Session cookie (which is configurable) is nil, meaning the cookie will have no expiry. This leads to the following unfortunate statement:

The “Session Cookie” is stored in a “session cookie”.

But it does not have to be a “session cookie” in which you store your “Session Cookie”, because you can set the :max_age option for Plug.Session, and then your Session will survive the browser being closed :slight_smile:

But yeah, in practice you can just set a cookie and then load it into the session instead of doing that. That’s what phx.gen.auth does.

BartOtten

BartOtten

Sessions: are gone when the browser is closed

Cookie: Great for permanent data like a location. However, you can’t access cookies from the socket.

To safe-guard your application, Phoenix limits and validates the connection information your socket can access. This means your application is safe from these attacks, but you can’t access cookies and other headers in your socket.

The solution when using LiveView? Read the cookie in a conn plug, set it in the session and pick it up in the LiveView again.

LiveView access to cookies

Local storage: this is not send to the server but you might be able to preselect the right location with a Javascript hook. This saves you the hassle of a cookie read, session set and session get.

garrison

garrison

BTW, to actually answer the OP:

It is fine to store your flag in a cookie.

If you decide you want to use LiveView, you won’t be able to access the cookie directly, but you can copy it from the cookie to the session and then to the assigns. If you want to see an example of this, run phx.gen.auth on an empty project and have a look at user_auth.ex, particularly ensure_user_token/1 and on_mount/4.

Where Next?

Popular in Questions Top

aadeshere1
I have a another noob question about loop. Since elixir is immutable, while loop is not directly possible. total = 10 while total != 0 ...
New
beno
I will often find my self writing things similar to: case some_value do nil -> something() "" -> something() _ -> somethi...
New
skosch
To my knowledge, put_in, Map.update etc. all have the one limitation of not automatically creating intermediate keys when needed (for exa...
New
johnnyicon
Hi all, I’ve just started learning Elixir and Phoenix Framework, so please pardon my n00bness at this stage. I’m trying to use Postgres...
New
Fl4m3Ph03n1x
About me? ( if you have nothing better to do than reading about some random guy in the internet :stuck_out_tongue: ) Hello all, this is ...
New
dblack
I’ve got an issue with an app and I’ve no idea of how to troubleshoot it. I’m hoping someone here might have seen something similar. I p...
New
shijith.k
I am trying to start a new phoenix project with elixir 1.9, but mix phx.new does not work. It says that ** (Mix) The task "phx.new" could...
New
hariharasudhan94
I would like to know what is the best IDE for elixir development?
New
PeterCarter
There are pre-rolled solutions for other frameworks that do work. However, Phoenix does not seem to have these. Have people had good expe...
New
lanycrost
Hi everyone! I need implement if…else if…else condition from my elixir code, and anymore of this control flow structures not work proper...
New

Other popular topics Top

malloryerik
Hi, this is for people who, like me, have had some friction using .html.heex templates in VSCode. The solution seems to be, in a hyphena...
New
WestKeys
Currently suffering from paralysis by [HTTP client] analysis. This is rather unusual in Elixirland as there tends to be consensus on the ...
New
marius95
Hello everyone, I try to use an Javascript Event Handler in my root.html.leex file. Therefore I created a function in the app.js file: ...
New
Darmani72
If I have a post route which an argument: post /my_post_route/:my_param1, MyController.my_post_handler How would get the post params ...
New
mcarvalho
What is the difference between System.get_env and Application.get_env? For example, what are best practices to use one versus another.
New
Fl4m3Ph03n1x
About me? ( if you have nothing better to do than reading about some random guy in the internet :stuck_out_tongue: ) Hello all, this is ...
New
alice
Hey, Just curious what are the main benefits of Elixir compared to Clojure? When is Elixir more useful than Clojure and vice versa? Th...
New
vonH
When I run the Plug and I recompile I wind up having to use Ctrl C to quit iex and start again. Witht the help of rlwrap I can use the cu...
New
nsuchy
Hi. I’ve noticed that Windows Powershell has it’s own IEX command and you cannot access Elixir’s IEX due to the conflict. This isn’t a cr...
New
AstonJ
We’ve put together this wiki for Phoenix LiveView - please feel free to add any info you feel is worth including. What is Phoenix LiveV...
New

Latest on Elixir Forum

Elixir Forum

We're in Beta

About us Mission Statement