►
Description
In this Backend pairing session we work on adding a `gitlab.com` cookie that can be read from `about.gitlab.com`.
A
C
C
Well,
Miracle,
you
said
you
were
having
some
issues
with
working
with
the
GDK
so
yeah.
Why
don't
would
you
mind
driving
sure
and
GDK
is
functional
right
now,
so
I
don't
want
to
make
it
mad.
A
No
totally
understandable
I
had
to
start
with
a
fresh
GDK
last
week,
and
that
was
not
fun.
Do
we
have
a
dock
where
I
can
drop
a
link
to
the
Mr
yeah.
C
Somewhere
I
think
you.
B
C
A
Okay,
I
just
dropped
it
in
the
slack
Channel
and
then
let
me
share
my
screen.
A
Okay,
so
I'm
from
the
marketing
team,
which
means
I
mostly
work
at
about.getlabs.com
and
not
getlabs.com,
and
we
wanted
to
personalize
marketing
for
git
Lab
customer
for
already
established
git
lab
customers,
and
we
wanted
to
do
that
basing
off
of
whether
or
not
someone
was
logged
into
the
gitlab
product.
So
my
idea
was
just
to
have
a
cookie
if
it
doesn't
pass
any
user
information.
I
just
wanted
to
have
a
cookie
on
the
gitlab
product
site.
That
just
tells
me
someone
is
logged
in
that
I
could
see
from
the
marketing
site.
A
So,
for
example,
like
my
get
free
trial
button
will
change
to
try.
I,
don't
know
ee
if
you're
not
already
and
originally
I
had
this
set
up
as
just
a
cookie
that
was
based
in
a
controller
and
then
after
working
with
Jesse
she's.
She
suggested
that
I
use.
Let
me
scroll,
let's
see
oh
yeah,
so
I've
been
stuck
for
a
little
while
she
suggested
that
I
use
the
active
session.ruby
file,
which
is
storing
I,
guess
session
cookies
based
off
of
the
user's
spaces.
A
Remember
me
we'll
log
them
in,
even
if
they
close
the
browser
and,
like
start
a
new
session
and
I,
had
my
cookie
base
suit
and
off
of
if
someone
signs
in
and
if
they
have
this
remember
me,
checks
they
don't
actually
need
to
sign
in
again,
so
it
breaks
my
cookie
I
get
a
little
bit
lost
here,
because
this
active
user
session
object.
C
A
Yeah
so
it
looks
like
it
gives
you
a
new
like
we
have
a
session
cookie
and
it
looks
like
it
gives
you
a
new
like
git
lab
session
cookie.
A
B
Okay,
yeah,
that's
interesting!
Let's
so
you
have
the
GDK
you're
wanting
to
open
up
the
GDK
to
see
this
is
the
merge
request
yeah.
So
we
already
have
this
working
then,
where
you're,
adding
a
new
cookie
that
could
be
read
by
the
about
pager.
A
Kind
of
I
have
like
a
draft.
Oh
let
me
switch
my
chat.
A
I
have
a
draft
going
kind
of
it.
Doesn't
it
doesn't
effectively
work,
but
it's
just
a
brainstorm
really,
and
it's
based
off
of
this
method.
In
the
controller.
C
B
A
B
A
And
I
was
trying
to
access,
and
this
will
also
be
like
stored
as
an
array
of
objects.
So
at
one
point,
I
was
trying
to
just
access
their
newest
entry
and
seeing
if
this
key
value
is
there
and
then
setting
my
cookie
based
off
of
that,
but
it
wasn't
working
if
I
checked.
The
remember
me
box,
which
is
where
I
got
lost
again
and
I
also
could
be
completely
misunderstanding.
Everything
that
Jesse
has
suggested,
which
is
also
why
I'm
here.
B
So
I
wanna,
I
wanna
understand
the
problems
more
and
I'm
very
I'm.
This
is
well
beyond
my.
You
know
normal
realm
of
expertise,
so
we're
we're
in
we're
in
company,
so
I'm,
just
brainstorming,
shooting
crazy
ideas
out
there
as
well,
but
I
do
want
to
understand
the
problem
more
so
from
the
about
gitlab
page.
We
would
like
to
know
if
they're
already
signed
in
and
is
this
like,
not
a
potential
use
cases.
B
B
A
Kind
of
so
what
you're
thinking
is
like
step,
three
of
like
us,
iterating
on
knowing
if
the
person
is
logged
in
Step,
One
is
just
seeing
if
they're
logged
in
and
then
instead
of
showing
them
like
hey
like
get
a
free
trial.
We
would
say:
hey
subscribe
instead,
because
if
you
are
when
you
logged
in
I'm,
assuming
you
have
a
free
trial.
B
And
the
that
UI
is
there
any
Ruby
code
in
the
about
project
in
the
www
project?
Is
it
Ruby
or
is
it
like
a
those
are
static
Pages,
like
do
you
get
back
in
code
and.
A
So
the
dub
repo
is
a
little
bit
of
both
be
going
into
UB
nav,
which
is
a
separate
repo
to
next
project.
B
And
so
what
you've
recently
added
is
here
on
the
left
of
this
set
active
user
thing?
Yes,
okay,
where
else
do
we
reference
cookies,
because
I'm
looking
on
the
far
right
and
I
see
active
session
is
all
about
like
okay?
This
is
because
correct
me,
if
I'm
wrong
and
obviously
there's
different
ways
of
doing
it,
but
I
feel
like
what
we
what
the
back
end
gives
to
the
client
as
far
as
the
cookie
goes.
Isn't
all
the
data?
B
B
Yeah
we're
we're
in
company
here
but
I
think
that's
my
working
hypothesis
for
how
this
might
work
so
because
what
I'm?
What
the
point
is,
is
that
I
think
the
about
page?
Will
it
need
to
know
that
information
behind
the
cookie
or
will
it
just
need
to
know
that
the
cookie
exists?
That's
the
question,
I'm
not
entirely
sure
about
I
have
a
feeling.
It's
it's
sufficient.
B
A
Sounds
doable
like
when
I
was
originally
doing
this,
the
only
value
I
was
storing
in
the
cookie
was
that
it
was
true
and
I
was
deleting
it
when
someone
signed
out
yeah.
What
threw
me
for
a
loop
is.
This
whole
remember
me
function
because
now
the
user
doesn't
have
to
sign
in
and
I
based
my
cookie
creation
off
of
them
signing
in,
and
that's
what
led
me
to
this
active
sessions
Ruby
file,
because
this
is
somehow
connected
to
that.
Remember
me
token,
when
it
creates
a
session
well.
A
So
sorry,
there's
a
there's
a
link
somewhere
about
this.
It
looks
like
it
just
sets
a
new
get
lab
session
cookie
and
skips
over
logging
in.
B
So
I
thought
my
my
understanding
of
remember
me
is
like
that's
just
going
to
affect
the
life
of
the
cookie
and
the
life
of
all
this
stuff.
So
at
some
point
on
cookie
creation,
I
thought
that
remember
me
and
otherwise
would
follow
the
same
path,
but
this
this.
But
this
is
all
still
I'm.
Conjecture,
I'm,
not
and
I
really
don't
know.
B
When
both
cookies
are
gone
and
expired,
you
must
sign
in
oh
I,
see
how
interesting
I
see.
So
we
wouldn't
necessarily
want
I
see.
So
it
sounds
like
the
problem.
Is
we
don't
want?
Oh
don't
interrupt
me.
A
little
girl
I'll
be
there
in
just
a
little
bit.
No,
not
right!
Now
we
need
to
it's
not
about
the
cookie
being.
B
B
So
I
yeah
I
think
that
sounds
like
that's
the
challenge
of
how
do
we
from
the
from
the
about
page?
If
we're
seeing
if
a
gitlab
session
cookie,
is
there
the
gitlab
sessions
cookie
there?
We
can
assume
we're
good
like
if
so
when
we
create
that.
A
B
A
A
B
Yeah
that
totally,
that
totally
makes
sense,
but
I
think
we
create
a
brand
new
cookie
that
we
can
read.
We
can
check
for
the
presence
of,
but
keeping
that
cookie
in
sync,
with
the
actual
state
of
the
user,
seems
to
be
a
challenge,
because
we
can't
just
do
it
of
because
we
can't
set
the
life
of
that
cookie.
B
B
B
B
Can
we
do
one
quick
project
wide
search
if
we
search
for
that
the
name
cookie,
if
there's
any
references
to
that
name
on
the
docs,
call
that
remember
user
token.
A
B
Can
we
do
we
have
the
about
page
actually
do
we
have
it
set
up
where
this
cookie
can
be
read
from
the
about
page
or
do
we
we're
writing
a
new
one
that
can
be
read
from
the
about
page.
B
A
Yeah
and
I'm
having
the
domain
set
on
being
readable
from
both
gitlab.com
and
its
subdomains
right.
B
Right
right,
yeah,
that's
interesting!
That
activity
I
see
if
remember
yes,.
A
In
a
draft
State
because
I
was
trying
to
access
this-
oh
let
me
switch
over
here,
so
I
was
trying
to
access
this
set
method
from
active
session,
and
this
will
set
this
active
user
session.
So
I
was
trying
to
access
this
just
active
key
value
that
I
added
just
because
I
didn't
want
to
touch
anything
that
had
to
do
with
user
devices.
A
Yeah
and
I
came
I
came
across
the
issue,
which
was
very,
very
Niche
in
order
to
use
this
set
method.
I
have
to
pass
in,
like
the
user
and
the
request,
and
it
looks
like
by
the
time
the
session
controller
gets
to
my
method.
Current
user
isn't
created
yet,
and
so
I
get
this
undefined
for
this
set
method
because
user
doesn't
exist
yet
yeah.
B
A
Oh,
this
was
a
suggestion.
I
got
from
Jessie
was
to
try
to
modify
this
file
so
that
it
works
for
my
purposes,
because
this
is
somehow
connected
to
the
remember
me
token,
and
this
is
where
I
got
lost,
because
I
couldn't
really
see
how
the
two
were
connected
and
then
I
was
coming
into
this
issue,
with
user
not
being
defined
yeah.
B
A
B
Me
see
well
yeah,
unfortunately,
you've
got
you've
got
one.
B
B
C
C
Oh
nice,
okay
and
that's
where
active
session
dot
set
is
called.
Yes.
C
Which
must
happen
regardless
of
how
you've
logged
in
right,
I'm
guessing
that's
why
that
was
suggestion
was
made,
because
you
essentially
have
like
a
user
session
and
there's
no
care
as
to
how
it
was
gotten.
Okay,.
B
B
C
B
A
Yeah
as
long
as
I
don't
set
the
domain,
yet
you
can
test
it
locally
from
just
localhost
it's
just
after
this
has
been
approved,
I
have
to
edit
the
domain.
So
as
long
as
the
domain
sets
that
you
can
set
it
well,
you.
B
A
B
Cool
that
makes
sense
yeah
do
you
want
to
try
to
then
just
take
it
for
a
spend,
and
and
so
we
can
get
some
feedback
if
we
make
changes
of
what's
what's
going
on.
B
B
C
B
C
C
I
think
it
would
also
for
the
future
stuff.
I
know.
You
said
when
you
put
the
domain
and
you
can't
test
it
locally.
I
I,
don't
know
how,
but
it
would
be
awesome
if
we
could
make.
However,
that
domain
is
being
set.
Work
for
like
the
dev
environment
and
for
production,
but
I
feel
like
that's
like
a
once.
It's
working
stuff
there's
got
to
be
a
way
to
do
that
too.
I
don't
know
I.
A
Okay,
sorry,
does
everyone
have
like
a
widescreen.
A
A
Let
me
see
here
where
am
I
I
nope,
okay,
so
I
originally
I'm
just
going
to
take
this
back
to
what
I
had
before
we
started
messing
with
this
active
session
file.
Okay,.
A
Well,
this
is
new.
What
did
I
break
here
monkey
and
destroy.
A
At
one
point,
I
was
trying
to
set
I
guess
the
the
get
lab
session
is
a
very
unique
expired
and
I
was
trying
to
set
this
cookie.
To
the
same
as
that
one.
C
A
Yeah,
this
is
what
I
originally
had
when
I
was
like
just
starting
before
I
got
to
the
active
session
part
it
got
mad
at
me
for
touching
refresh
too
many
times.
I
have
to
restart
the
ddk.
That
was
a
unique
error
that
I
ran
into
that.
Like
took
half
of
my
day,
it's.
B
B
Makes
sense?
Okay,
that's
probably
that's
better
than
my
my
more
extreme
approach,
cool.
A
B
A
B
B
A
C
B
Everybody's
fault,
that
was
when,
when
I
was
like,
10
I
went
through
a
phase
of
trying
to
trying
to
blame
things
as
just
misunderstandings
in
everybody's
fault,
and
it's
really
just
my
fault
but
like
that
was
my
actualizing.
B
Baby
I
guess
so
there
you
go.
It's
still
gone
well.
B
That
makes
sense
yeah
that
makes
sense.
I
didn't
I,
didn't
notice
that,
with
the
with
the
with
the
expiration
but
yeah
and
I
see
why
we
were
gonna
sign.
We
were
going
to
attach
an
expert,
a
custom
expiration
thing
with
it.
A
B
Whenever
we
wrote
the
real
gitlab
cookie,
we
wrote
the
about.gilab.com
readable
version
of
it
and
whenever
we
wrote
remember
user
token
cookie,
we
wrote
the
about
get
loud.com,
readable
version
of
remember
user
token,
and
that
way
about
goodlove.com
can
just
see.
Do
you
have
remember
user
token?
Or
do
you
have
this
thing?
If
you
have
any
of
those
we're
going
to
treat
you
as
signed
in
and
we're
good.
A
B
A
Know
so
I,
don't
think
remember
user
tokens
I've
ever
actually
used
within
the
code
outside
of
those
docs
right.
B
See
can
we
then
do
a
search
for
like
remember
me,
exclamation
mark
or
something.
B
B
Oh
wait:
that's
a
spec!
Okay,.
A
B
Oh
yeah,
the
device
must
handle
all
that
too.
B
I
can
see
why
Warden
looks
interesting
so
yeah,
maybe
maybe
in
like
one
of
those
options
after
we've
set
a
user.
Maybe
there's
remember.
A
B
Okay,
if
we
go
back
sorry
I,
if
there's
a
way
for
us
to
tell
that
we
have
been
remembered,
sounds
like
that's
would
be
a
great
thing
to
have.
We
can
keep
the
set
acts
of
user
function
where
it's
at
we
just
need
to
figure
out.
Can
we
tell
if
we're
remembered,
do
we
have
do
we
have
access
to
the
active
user
when
we
set
that
cookie
yet
or
has
it
not
been
created
yet?
Is
that
what
we
landed
on.
A
B
A
A
A
B
Okay,
so
I
see
on
if
you
go
to
the
create
on
line
83
here,
current
user
after
create
we
get
the
current
user.
So
you
see
like
we
referenced
it
in
line
88
and
89.
A
No,
that
that
makes
sense,
I
guess
current
users
probably
used
a
million
times
in
this.
B
A
C
B
Maybe
we
could
look
at
oh
I,
wonder
if,
after
we
create
I
bet,
we
can
I
bet,
we
can
look
at
what
response
cookies
are
about
to
send
so
I
bet.
We
could
actually
just
look
at
the
cookies
and
try
to
find
the
remember
cookie
from
there
from
the
controller
can
we
do
like
a
a
puts
or
inspect
of
all
the
cookies
from
the
set
active
user.
A
B
C
A
C
A
Think
that's
right,
shoot
I,
always
mess
this
up,
one
of
them
it's
an
underscore
and
the
other
one.
It's
a
hyphen
and
it
messes
me
up
every
time.
A
There
we
go
and
I
think
I
have
to
refresh
this.
B
A
A
Yeah,
this
is
my
I
think,
so,
where
is
it.
A
B
B
B
I
have
a
feeling
we'll
be
able
to
read
response
cookies
I'd
be
surprised
if
we
couldn't.
A
B
But
that
way
we
could
write,
we
could
do
the
idea
of
taking
each
one
of
those
cookies
and
writing
a.
B
A
I,
don't
I,
don't
think
so!
Oh
you
know
what
that
probably
was
smart.
If
I
just
hit
continue,
I
would
have
gone
to
the
next
binding
frame.
C
B
Think
I
think
it'll
happen
when
we
we,
yes,
when
we
sign
in
okay.
B
Yeah
there
we
go
all
right.
If
we
look
at
cookies,
do
we
have
all
the
cookies
there.
B
We
won't
have
them
in
the
request,
but
do
we
have
them
in
in
the
response?
And
maybe
it's
just
cookies,
because
I
see
like
on
line
98,
we
start
writing
to
cookies.
Already.
B
Oh
so
the
remember
user
token
is
there?
Yes,
yes,
yes,
that's
great,
that's
that's
what
we
gotta
do
yes
and
we
can
just
put
the
expires.
That's
copy
it
over!
Yes,
yes,
it's
like
I
would
that
sounds
great.
I
would
almost
like
even
call
the
the
cookies
since
there's
keep
the
Symmetry
with
where
they're
coming
from.
But
if
we
want
to
have
two
cookies
we
could
have
the
about.
B
B
A
A
B
B
A
A
I
think
it's
symbols
and
then
present
that's.
B
I
think
what
I
think
of
all
these
so
quickly
if
I'm
wrong,
but
so
this
method
gets
called
when
we
do
create
and
when
and
when
we
do
destroy.
Yes,
that
switch
is
almost
like
making
the
branching
logic
of
the
method.
A
little
hard
to
follow.
So
I
would
almost
say,
like:
let's
create
two
methods:
one
for
create
active
user
cookie
and
then
destroy
active
user
cookie.
So
we
don't
have
to.
C
C
B
C
C
C
C
B
B
C
B
B
B
Awesome
so
going.
B
B
Okay
cool
so
now
going
back
to
the
set
Act
of
users.
Where
we'll
do
the
remember
me
condition.
B
C
I,
like
that,
I
might
even
suggest
changing
the
method
names
to
either
have
that
in
that,
so
that
it's
fairly
clear.
B
A
B
I
I
think
then
we
just
need
to
fill
in
the
details
for
the
cookie
we're
about
to
set
there.
Oh,
we
named
I
see,
but
we
renamed
the
methods.
Yes,.
A
C
C
A
B
B
B
I
I
think
we
don't
we've
just
gotten
away
with
not
needing
to
because
by
default
it
seems
like
it's
a
session
cookie,
and
so
it's
being
treated
like
that,
but
I
would
find
the
actual
session
cookie
and
set
it
to
the
same.
I
I
think
that
yeah.
B
Well,
I
think
we
can
just
read
it.
Could
we
read
it
from
from
where
we're
at.
A
Mm-Hmm
well,
this
is.
B
A
B
A
A
A
C
It's
okay
after
I
have
to
go,
but
after
this
I
can
I
can
wait
and
see
what
happens.
Okay,.
C
C
Oh
okay,.
B
A
B
Actual
data
I
think
you're
right,
you're
right
cookies.
Yes,
we
can't
dig
into
it
because
it
has
just
okay,
so
we
can
test
the
presence
of
this
thing,
but
we
can't
get
the
expiration
of
it
because
it
just
has
that
large
string.
So
that's
it's!
B
The
bracket
Syntax
for
the
string
is
going
to
try
to
find
the
certain
character
of
the
string.
But
it's
not
we
can't.
We
can't
pull
the
data
from
it.
How
can
I
see
the
I'm
asking
chat
GPT
once
again.
C
C
B
A
I
think
this,
like
rails,
automatically,
call
set
cookies
anytime.
You
use
the
cookies
keyword,
while
you're
like
setting
in
the
cookie.
B
B
B
B
C
C
B
So,
instead
of
I
think,
instead
of
cookies,
what
we
do
in
line
99
I
think
we
would
then
do
line
99
does
at
set
cookies.
A
B
Told
me
not
to
worry
about
it,
okay,
so
that
gbt
also
told
me
not
to
worry
about
it.
If
I
I
was
having
a
conversation
with
it
every
once
in
a
while
I
have
it
write
letters
to
my
wife
and
I,
send
them
to
my
wife
and
I,
give
her
a
picture
of
Chachi
T
wrote
it,
so
she
doesn't
think
that
I
did
but
I
replied
to
it
and
I
said
hey.
B
She
knows
that
you
wrote
it
I
think
she
likes
you
better
than
me
now
and
chat
gbt
like
took
forever
to
respond,
and
then
finally,
then
it
responded
like
like
thanks
for
the
compliment
like
you,
don't
have
to
worry
about
it.
If
your
wife
likes
me
more
than
you
and
I
was
like.
Oh
my
gosh,
what
is
wrong
with
you.
B
Now
I
know
that
using
those,
like
instance
method
instance,
variables
can
be
a
little
frowned
upon,
but
I
don't
know
if
there's
another
I
think
if
we
have
a
test,
it
should
be
fine.
You
know
like
we
have
like
some
sort
of
integration
test
of
making
sure
that
cookies
get
written
and
things.
C
I
am
not
sure,
I'm
still
100,
not
sure
what
that
asset
cookies
is
going
to
give
us
and
I,
don't
see
it
used.
The
reason
why
I
say
I'm
not
sure
is
because
I
like
walks
and
go
and
look
in
the
code
base
and
see
if
it's
stuff,
just
like
that,
is
used
anywhere
else,
and
they
don't
see
it
used
anywhere
else.
So
I
want
to
have
to
probably
defer
any
comment
to
someone
that
knows
more
about
cookies
than
me.
C
C
B
All
right
so
yeah
I'm
gonna
have
to
hop
off
but
I
think
even
if
we
can't
read
the
expires.
So
even
if
we
just
end
up
using
cookies
and
checking
for
the
presents
and
stuff
like
that
and
testing
out.
The
two
cases
of
remember
me
and
not
remember
me.
So
even
if
we
can't
read
the
expires,
the
other
option
of
what
you
were
about
to
do,
Miracle
of
let's
just
put
two
weeks
in
there
or
whatever
kind
of
the
same
amount
that
we're
using
when
we
set
the
bad
cookie.
A
B
We
can
just
reuse
that
amount
and
not
try
to
read
from
the
cookie
like
I
was
suggesting,
so
that
would
work
here.
We
wouldn't
need
said
cookies.
The
only
reason
we're
using
said
cookies,
so
we
can
actually
read
from
the
value
itself,
but
I
think
being
able
to
test
for
the
presence
of
remember
user
token.
B
I
think
that's
that
helps
unblock
where
we
can
now
have
two
different
cookies
that
will
live
and
from
the
about
page
we
can
test
for
is
the
active
user
one
good
or
is
the
remember
user
one
good
if
either
one
of
those
are
good,
then
we're
good,
so
that
gets
us
gets
us
somewhere.
B
Yeah
I
would
I
would
I
would
try
this
out.
It's
possible
set
cookies.
The
ad
set
cookies
I'm
suggesting
isn't
going
to
work,
so
we
might
not
be
able
to
read
the
expires
from
it
because
it
looks
like
the
only
thing
we
can
test
for
here
is
the
presence
of
a
cookie
and
then
get
actually
like
the
encrypted
value.
Let's
not
worry
about
the
encrypted
value
or
anything
like
that.
We
can
just
get
the
presence
of
it
and
then
somehow
put
the
some
expires.
That
makes
sense,
if
said
cookies,
doesn't
work,
so
cool
yeah.
B
That's
I'm,
glad
that
this
help
us
helped
us
contain
the
problem
to
to
this
file,
to.