I am working on a legacy Rails 3.2 app and would like to log everybody out and have their _app_session be reset with the secure flag set to true. It seems like either changing our session_store strategy to secure: true or config.force_ssl = true. Strangely only the latter seems to work correctly in Chrome.
The question is that it seems like the best way to log everyone one would be to remove their session variable and I tried this solution here https://stackoverflow.com/a/11422931/152825 of:
rake tmp:sessions:clear
but it didn't seem to work. Is there a better way to clear these session variables?
Aucun commentaire:
Enregistrer un commentaire