views:

28

answers:

0

I've had two previous questions about active record store that all came down to the same thing.

Here's what I want:

I want to access the session at any time and see who is online right now and access their session variable from anywhere.

I need this because:

Users are separated into groups. If one person logs in he receives an api token that I receive from some third party site. If a person from the same group logs in he needs to have that same api token in his session. I cannot regenerate new api tokens on a per call basis.

I think active record store is a perfect solution for me, however, I have a problem implementing it!!!

InvalidAuthenticityToken keeps getting thrown because I used to use the default cookie store.

Thus I made this script to delete cookies but it does not seem to work:

In application controller

after_filter :delete_cookie
  def delete_cookie
    puts "deleting cookies"
    cookies.to_hash.each_pair do |k, v|
    puts k
    cookies.delete(k)
  end
end

The only other response I got was to remove protect from forgery. http://stackoverflow.com/questions/2941664/activerecordstore-invalidauthenticitytoken