►
From YouTube: BE Pairing - 20230317 - Hooking into Devise cookies
Description
In this session we continue a problem that was brought up in a past BE pairing -adding a cookie that can be read from about.gitlab.com whenever the user is signed in.
A
Let's
I'm
gonna
shelf
that
conspiracy
theory
because
I
love
it
it's
a
really
good
one.
But
let's,
let's
dive
into
the
cookie
stuff.
B
Sure,
okay,
this
is
the
correct
screen,
so
I
got
stuck
here
because
and
of
course,
I
can't
find
my
sessions.
Controller
I
got
stuck
here
because
this,
if
statement
that
we
worked
on
last
time,
yeah.
B
A
B
The
logic
with
sound
and
the
code
made
sense
to
me
and
I
even
tried,
adding
this
so
yeah.
A
B
So,
if
only
the
remember
easy
token
is
there
like
this
cookie
will
appear
it's
a
desert
and
then
just
pushing
up
all
my
works.
I
didn't
have
to
think
about
it.
If
my
computer
load
I
ran
into
this
era
in
like
two
tests
and
I've
come
across
this
no
method
there
for
strip
before
and
the
only
thing
I
had
to
do
was
stub
my
test
and
it
cleared
it
out,
but
that
is
working.
Yeah
I
am
stuck
here
because
strip
doesn't
exist
anywhere.
Yeah.
A
That's
wild
capybara,
slow
finder
on
the
sign
in
spec,
that's
yeah,
so
I
don't
know.
Do
you
want
to
do
you
want
to
start
trying
to
start
the
GDK
and
run
through
sign
ins
and
and
tweaking
and
testing
things
out
that
way,
or
do
you
want
to
fix
this
trying
to
fix
this
strip
thing?
First,.
A
A
B
A
No
okay,
but
is
this
a
result
of,
is
this
from
something
has
changed.
A
Okay,
allow
tours
I,
see
I,
see
I,
think.
Does
it
automatically
mock
it?
If
you
do
the
allow
to
receive
or
does,
does
it
still
pass
it
through.
B
A
A
C
A
Know
have
you
have
you
ever
run?
Do
you
do
you
run
spring
at
all,
so
anytime,
I
run
our
spec
I'll
do
bundle
exec,
oh
nice,
so
it's
working
out
spring
R
spec
and
it
increases
creases
the
run
time
because
spring
is
like
a
server.
That's
always
running
the
background
and
caches
some
like
Ruby
stuff.
It
reads
so
it's
like,
rather
than
if
you
just
run
R
spec.
It's
running
it
has
to
read
through
all
the
Ruby
stuff
brand
new.
A
Every
time
spring
somehow
adds
a
little
spring
to
its
step
and
makes
it
faster
all
right,
yeah,
something's,
something's
off
there.
Let's
try.
Let's
try
just
commenting
out
46.
So
let's
include
45
and
see
what
happens
there.
B
No
I
totally
understand
because
I
was
like
weird:
this
should
work.
A
Here
we
go
okay,
wow
all
right,
so
then
I
think
it's.
It
sounds
like
wait.
No,
it's
not
in
the
destroy
Club,
destroy.
A
So
one
thing
we
could
do
maybe
online.
Maybe
comment
out
comments
out
line
98
through
100.
A
Yeah,
we'll
we'll
see
I
wonder
if
it's
even
the.com
check,
maybe
there's
some
issue
with
the
way
this
feature.
Spec
is
set
up
and
somehow
so
it
still
failed.
A
A
Yeah,
okay,
so
it
is
when
we're
setting
the
cookie
there.
It
is
not
happy
at
all.
A
B
C
B
A
C
A
To
know
yeah,
that's
weird
I,
so
I
wonder
if,
like
maybe
even
like
copy
borrowed
like
didn't
know
what
to
do
with
that.
You
know
okay,
so
to
test
this
out.
Do
we
want
to
give
it
the
actual
domain,
or
do
we
want
to
do
we
want
to
like
just
use?
A
We
could
pass
through,
like
the
request
domain,
just
to
hear
temporarily.
You
know
what
I'm
saying
no
somehow
I
think
we
can
get
the
domain
from
the
request
itself.
Okay,
I!
Don't
know
how
to
do
that
and
I'm
really
tempted
to
just
ask
chat
gbt,
but
it's
probably
not
going
to
give
me
the
right
answer,
but
I
am
going
to
ask
it
anyways
and
rails.
How
do
I
get
the
domain
from
the
request?
B
A
B
B
A
C
C
A
A
I'm
asking
chat
GPT
talking
to
stack
Overflow
can't
code
without
the
internet.
C
A
The
on
the
zoom
chat
I
sent
the
stack,
Overflow
answer,
which
seems
to
suggest
doing
just
getlab.com.
Okay
work
because
it
looks
like
domain
matching
is
I,
provide
the
parent
domain
and
any
subdomain
of
that
will
will
work.
I,
guess:
okay,.
A
A
There
you
go
so
I
I
have
no
idea.
There's.
A
If
we-
yes,
yes,
so
and
I
think
we
would,
we
would
like
to
not
hard
code
get
love.com
even
in
the
production
code
itself,
so
somewhere
we
somewhere.
We
get
that,
like
that's
in
our
settings
or
something
to
like
what
is
the.
B
A
C
A
Right:
here's
an
example
line
of
code
that
I
see
if
you
go
to
a
file
called
instance
configuration.
A
A
Oh
yeah,
it
looks
like
we
even
have.
This
is
the
one
I
was
looking
for.
We
have
gitlab
config
gitlab
host.
A
C
A
C
A
A
C
A
A
So,
just
just
for
fun
before
we
run
it
locally,
do
we
want
to
try
it
with
the
and
the
about
is
not
present
check
or
do
we
want
to
try
it?
Do
we
want
to
do
it
without
that?
One.
B
C
B
A
B
A
I
have
a
feeling
that
oh
but
wait
wait
present.
A
At
me,
okay,
yeah,
but
I-
think
this.
This
this
condition
will
always
be
false,
because
on
line
97
we
set
about
gitlab,
active
user,
and
so
there's
no
way
it's
not
going
to
be
present.
A
B
A
I,
there's
only
one
way
to
find
out.
I
have
no
idea
all
right.
B
Okay,
cool
I
have
my
active
user
and
this
one
yeah.
This
is
what
I
wanted.
If
I
didn't
play
that
extra
truthy
or
falsy
value,
then.
B
I
close
this
and
oh
because
I
was
sharing
that
screen
everything
closed.
That
makes
sense.
C
A
But
if
I
remember
our
conversation
last
time,
yeah,
it's
not
great
to
have
two
cookies,
but
because
of
the
difference
of
the
lifetime
between
the
two
cookies
we
might,
it
might
be
the
easiest
thing
to
do
if
we
have
two
cookies,
but
that
second
one
we
set
to
the
same
length
of
time
as
the
remember
user
token,
you
know
what
I'm
saying.
C
A
Which
that
would
be
cool
but
yeah,
so
we
can
have,
it
is
basically
so
somehow
we
can.
The
intent
is
the
cookies
that
we
would.
You
want
to
be
able
to
read
directly
from
about
gitlab.com.
B
A
That
makes
sense,
so
I
would
and
I
think
then,
if
we
can't
read
from
the
expirations
from
the
cookie
itself,
because
for
some
reason
we
were
only
getting
the
value
I
would
then
just
we
can
clone
the
expiration
bit
that
we're
using
and
the
remember
user
token
device
thing,
because
there
was
some
sort
of
like
expires
thing
that
we
set
there
and
we
can
try
that
out.
B
But
then
would
they
necessarily
hat
like,
even
though
they
had
the
same
expired
time?
I,
don't
think
they
would
still
expire
at
the
same
time,
because
this
remembered
user
cookie
would
have
an
expiration
that
doesn't
necessarily
mean
that
it
started
at
the
same
time
as
the
remember
user
token
that
expiration
didn't
start
until
you
actually
clicked
the
Box.
A
I
right
I
think,
but
that's
where
our
hook
comes
in,
like
all
of
it
happens
on
sign
in
is
when
all
these
are
set.
I
think
I,
don't
know
if
remember
user
token,
and
that's
a
really
good
question,
though,
because
it's
possible,
remember
user
token
can
get
reset
another
way.
A
A
A
But
yeah
so
that's
one
option
and
we
can
go
down
that
option
and
try
to
poke
at
the
device
controller
where
or
devise
like
I.
Don't
know
you
know
what
we're
setting
up
with
it,
but
we.
C
B
Yeah,
let
me
switch
over
I
think
it's
this
rememberable
thing,
and
this
is
the
only
time
it's
used.
A
A
A
I
mean
that's,
that's
the
and
I
think
also
like
evaluating
the
the
criticalness
of
consistency
like
if
it's
very
critical
that
we're
consistent,
then
yeah.
Probably
this
we
need
to
figure
out
what's
actually
setting
this,
but
if
it's
not
super
critical
and
like
if,
for
some
reason,
these
things
are
off
a
little
bit,
then
maybe
that
maybe
it's
acceptable
to
to
just
do
it
at
this
time.
B
C
A
B
C
A
Wait
does
rememberable
really
applied
on
the
controller
because
the
dog
seemed
to
suggest
it
should
be
applied
to
the
user.
Is
it
applied
to
the
controller,
the
sessions,
controller,
I.
A
A
Remember
is
that's
the
only
oh
do
we
have
other
I
would
have
ours
that
we
added.
C
A
Okay,
do
we
want
to
try
to
add
another
price,
shell
and
and
poke
at
some
methods
that
we
might
be
able
to
use
here
because
I'm
looking
at
I'm
looking
at
this
thing-
and
it
looks
like
we
might
be
able
to
grab
things
from
the
current
user,
but
I
don't
know
if
we
have
access
to
the
current
user
so
it
might,
it
might
be
worth
poking
around
there.
C
B
B
A
B
A
B
I
think
I
need
to
sign
in
first
before
I.
Do
all
this
stuff.
B
A
A
A
I
think
yeah.
We
don't
need
the
question
mark.
It
should
be
good.
Just
without
a
question
mark
cool
great.
Can
we
try
doing
current
user
dot?
Remember
expires
at
oh
current
underscore
user.
Sorry.
B
No
I
understood
my
fingers
did
not
no.
A
You're
good
dot,
remember
expires
at
remember,
then
underscore
yeah.
A
B
Am
I
still
in
the
right
spot
could
I
okay,
these
are
I.
Don't
remember.
A
Yeah
awesome:
there
we
go
there's
the
date,
that's
how
we
can
get
it.
That's
what
we
can
put
in
the
expiry.
The
expires
thing
x-ray,
expiry
I,
don't
know
what
I
don't
know
where
I'm
getting
that
expert
from
for
some
reason
that.
B
B
C
A
B
B
B
A
A
A
A
C
A
B
A
C
B
B
Think
so
why
do
they
make
this
so
difficult
to
open
anything
on
the
side.
A
B
A
Yes,
it
is
getting
later
and
later.
Yes,
okay,
all
righty.
B
A
I
was
it
was
worth
a
shot,
yeah
I,
don't
think
our
our
approach
is
gonna
work,
the
speaking
of
iteration
like
we
could
just
move
forward
with
this
approach,
and
it
just
works
a
little
bit
and
then
try
to
improve
it.
It'll
work,
if
you
haven't
clicked.
Remember
me
but
it'd
be
great
to
get.
Remember
me
working
so
it
does
seem
like
we
need
to
hook
into
whatever
recreates
that
get
lab
session
thing
is
we
need
to
hook
into
that
and
that'd
be
great,
because
then
we
only
get
one
cookie.
B
A
A
B
A
So
I
kind
of
wonder
if
this
is
used
to
this
is
where
we're
going
to
create
the
new
session
and
under
the
hood,
is
where
that
cookie
gets
stored,
and
so
this
happens,
whether
we're
doing
the
remember
me
checks
or
whatever
it
is,
and
so,
if
we
can
hook
into
here
and
write
our
own
cookie,
that
would
be
great.
A
C
A
B
A
Just
wondering,
could
we
try,
could
we
try
adding
a
price
show
to.
A
C
A
B
A
B
Oh
yeah,
okay,
let
me
actually
comment
this
out,
so
I
can
sign
out.
C
B
C
A
Okay,
I,
don't
know
if,
if
rails
will
automatically
reload
all
these
initializers,
so
it's
possible.
We
need
to
reload
rails,
oh
shoot.
B
A
C
A
Let's
try
to
do
it
from
the
console
and
see
what
happens
if
we
just
add
like
a
test
cookie.
B
Nothing
would
be
response,
okay,
response
shoot.
Is
it
set
cookies,
I
think
it's
set
cookies.
A
I,
don't
know,
there's
only
one
way
to
find
out
or
not
set
cookies,
let's
just
whatever
name
of
whatever
cookie
we
want
to
do
like
test
or
whatever
it
is,
and
then.
A
Then
if
you
run
okay,
so
it's
there,
if
you
run,
if
you
run
exit,
it
should
keep
the
price
shell
yeah.
It
should
continue.
Yes,
great
great,
so
continued
execution
go
ahead
and
run
exit
again.
A
Okay
on
the
the
window
is
the
new
cookie
there,
the
tester
cookie
that
we
added
just
now.
B
I
got
a
request.
Deadline
like
I
got
an
error.
A
B
B
C
A
A
I,
don't
think
they
get
Reloaded,
let's
go
ahead
and
quit
out
of
the
The
Binding
bright
too.
So
maybe.
C
A
B
B
C
A
A
What's
the
thing
what's
that
button?
There,
though,
that's
like
a
oh,
that's
I,
don't
know
what
that
says.
I.
A
Let's,
let's
go:
let's
try
one
more
thing
out
to
investigate
and
then
and
then
yeah
might
be,
might
be
at
time.
A
Can
we
go
back
to
the
vs
code
and
go
ahead
and
let's
move
our
our
eye,
shell,
we
can
get
rid
of
line
29
and
let's
try
moving
the
binding
price
shell
into
the
active
session
set
because
I
see
that
we
pass
in
the
off
dot
request
thing
there.
It
says
that
this
thing
gets
a
reference
to
the
request,
so
just
anywhere
in
here,
I
think
if
we
could
do
the
binding
price
shell
I
want
to
see
what
other
things
are
on
that
request.
A
I
moved
it
into
here,
so
that
we
don't
have
to
keep
doing
that
restarting
of
rails,
because
this
isn't
an
initializer.
So
if
we
add
the
shell
here,
we
won't
have
to
restart
rails.
It
should
pick
it
up.
A
Is
there
a
way?
Could
we
do
like
I?
Think
we
can
do
like
inspect
is
a
method
you
can
do
like
request,
dot
inspect
and
we
can
see
some
more
properties
and
stuff
on
it.
That's
not
helpful.
C
A
A
I,
don't
know
how
to
see
more
stuff
on
it.
What
kind
of
it
says
it's
an
action,
dispatch
request:
okay,.
A
A
A
I
wish
we
could
get
some
more.
Let's
try
doing
the
tab,
Auto
completing
it's,
not
giving
us
a
lot
of
really
great
info
of
our
request.
Object
if
you
like
request
yeah
the
article
playlist,
causing
things
to
blow
up
on
their
yeah.
A
Yeah,
so
what's
tough
is
just
doing
this?
Is
this
doing
the
string
representation
of
it?
I
want
to
see,
like
all
of
the
properties
and
stuff
from
I'll,
just
see
all
properties.
A
A
A
Then
all
right
we
can
quit.
We
can
quit
this,
so
I
think
if
we
had
access
to
the
response
bit
that
we
get
from
controllers,
we
could
easily
write
a
cookie
here,
but
I
think
that's
the
big
question.
So
that
would
be
a
great
question
to
bring
to
Julie.
A
On
line
28,
there's
off.request,
is
there
an
off.response
or
something
like
that?
I
really
don't
know
or
like
at
this
level?
Is
there
another
kind
of
parameter
we
need
to
be
passing
into
active
session
set
so
that
we
can
do
this
I,
don't
know,
but
being
able
to
act
being
able
to
write
cookies
from
here
is
the
goal
and
I'm
not
really
entirely
sure
how
to
do
that.
You
can
even
share
this
line
of
code,
so
you're
not
like
super
just
waiting
on
it's
really.
Even
if
you
share
this
line
of.
A
And
I'm
sorry
I
knew
I
knew
it
wasn't
Julia
and
that's
why
I
was
someone
with
Julie,
but
it
wasn't
either
of
those
it.
C
A
A
About
that,
no
I
would
even
just
leave
a
a
question
to
this
line
of
code
on
the
development
Channel
or
the
back-end
channel
of
like
hey.
If
I
need
to
write
a
cookie
from
here,
how
can
I
do
that
and
someone
has
all
the
knowledge
to
be
able
to
do
this,
but
yeah
Jesse
would
probably
be
able
to
definitely
help
too
so
yeah.
Hopefully.
Hopefully
this
is
an
iterative
iterative
improvement
but
yeah
sorry,
we
hadn't
been
able
to
solve
the
problem
yet.
B
B
A
Currently,
as
it
stands,
we're
writing
both
cookies
nicely.
We
have
the
expiration
for
that
at
one,
but
that
doesn't
ever
update.
So
it's
not
gonna
work
out.
This
is
where
we'd
be
able
to
get
it
to
figure
out,
be
able
to
hook
into
it,
updating,
but
maybe
even
just
pushing
up
what
you
have
and
sharing
that
with
Jesse
she'll
be
able
to
figure
out
what's
wrong,
so
cool
thanks
for
bringing
the
problem
and
yeah
thanks
for
patiently
debugging
and
throwing
things
at
the
wall
with
me
as
we
try
to
figure
it
out.