Massive Cookie Size Leads to Errors

[alfmatos]

I'm using a devise_token_auth rails api backend with a ng-token-auth angular frontend. I had to activate cookies in order to support ActiveAdmin, using the config below in application.rb

config.middleware.use ActionDispatch::Session::CookieStore
config.session_store :cookie_store

However, as soon as I turn this on, I see massive cookies (well over the 4kb limit) that throw:

ActionDispatch::Cookies::CookieOverflow (ActionDispatch::Cookies::CookieOverflow):

As a workaround, I've added replaced the store with active-record_store to keep session information in active record:

config.middleware.use ActionDispatch::Session::ActiveRecordStore
config.session_store :active_record_store

But the cookies and session data in the store continue to grow. If I reload the angular app (browser refresh, I see cookies several kb's long. If I trigger a fast double reload, I loose the current token and the session size increases.

Any ideas on how to make devise_token_auth play together with CookieStore?

[MaicolBen]

Maybe you can try as before_action http://stackoverflow.com/questions/5435494/rails-3-disabling-session-cookies/12205114#12205114 in your api routes (api controller or a concern in every controller that uses devise token auth)

[zachfeldman]

Workaround proposed, closing for now