Sinatra app has session issues in production

Question

I've been working on a web application in Ruby using Sinatra. While in development, I really never had a lot of issues with sessions. However, now i'm ussing passenger to actually deploy the application I have quite a lot of issues regarding that session data keeps getting 'reset'.

I've seen other stack overflow questions related to this problem but no answer has yet fixed it for me. I've tried a couple of things:

Putting 'use Rack::Session::Pool' inside config.ru as suggested here
Used Rack::Session::Pool like explained here
Tried Memcache as explained here
Tried Redis-Rack (gives me an error: Exception NoMethodError in Rack application object (undefined method `foreign_key' for nil:NilClass))

Nothing seems to be helping really... I either end up having an error or my session gets reset each request. I know that passenger probably uses multiple threads and that that is the cause for the sessions to not be working, but I cannot seem to find a solution to the problem.

Am I missing something obvious here? Any suggestions?

Gemfile

source "https://rubygems.org"

gem 'mongo', '1.8.6'
gem 'sinatra', '1.4.8'
gem 'mongo_mapper'
gem 'bson_ext'
gem 'active_model_serializers'
gem 'activemodel-serializers-xml'
gem 'sinatra-flash'
gem 'sinatra-param', require: 'sinatra/param'
gem 'rack-recaptcha2', git: 'https://github.com/nicolas-simplex/rack-    recaptcha'
gem 'mail'
gem 'slugify'
gem 'biz'
gem 'bcrypt'
gem 'redis-rack'

group :development do
  gem 'mailcatcher', '~> 0.6.4'
end

config.ru
It had different forms depending on if I used just Rack::Session::Pool, Memcache or Redis. This one was the one I used for redis:

require 'rubygems'
require 'sinatra'
require File.expand_path '../app.rb', __FILE__

require 'rack'
require 'rack/session/redis'

require_relative './app'

app = App.new

sessioned = use Rack::Session::Redis.new(app)

run sessioned

App.rb

require 'rubygems'
require 'bundler/setup'
require 'sinatra'

require 'slugify'

class App < Sinatra::Base
  use Rack::Protection

  set :bind, '0.0.0.0'
end

require_relative './config/init'  # Initialize configuration files
require_relative './helpers/init' # Initialize helpers
require_relative './routes/init'  # Initialize routes
require_relative './models/init'  # Initialize models

require_relative './util/tokens'  # Token utility

... # Some database seeding, basic setup for some data I use

TL;DR
Sinatra and Passenger together resets sessions in production, while this doesn't happen in development.

Wout_ Wout_ · Accepted Answer · 2017-04-20T16:10:13

After some more researching I found the configuration option passenger_sticky_sessions. Because in my web application session storage is quite important, this works fine for me. However, the use of this is not recommended in all use cases because all the clients sends will be routed to the same originating application process.

Documentation: https://www.phusionpassenger.com/library/config/nginx/reference/#passenger_sticky_sessions

With this configuration parameter 'on' in my conf file in nginx/sites-enabled, I was able to just use the simple rack session pool:

use Rack::Session::Pool, path: '/', expire_after: 2592000

Sinatra app has session issues in production

1 Answers