cookies.signed.permanent[:session_token] = { value: @session.id, httponly: true }
Use a reasonable expiry:
cookies.signed[:session_token] = {
value: @session.id,
httponly: true,
expires: 30.days.from_now,
same_site: :lax,
secure: Rails.env.production?
}
cookies.signed.permanent[:session_token] = { value: @session.id, httponly: true }
Use a reasonable expiry:
cookies.signed[:session_token] = {
value: @session.id,
httponly: true,
expires: 30.days.from_now,
same_site: :lax,
secure: Rails.env.production?
}