[erlang-questions] setting cookies with cowboy websocket handler

Alex Babkin <>
Wed Jan 30 01:36:52 CET 2013


Hi all

Imagine an auth protocol over a websocket: client sends credentials, server
responds with either success or failure. If success, it should set some
persistent state so if the user reloads the page, the session will continue
until either logout or some timeout

I'm trying to set a cookie from a websocket handler, such that after a page
reload, in the websocket handler init i can try to read back the cookie and
check for it's validity and if valid, resume the session without the user
needing to login again

here is some code i tried with no success, i.e upon reload, the cookie is
no longer there (or perhaps is never getting set by the handler to begin
with)

websocket_handle({text, Input}, Req, State) ->
  lager:debug("stream received ~s", [Input]),
  Req2 = cowboy_req:set_resp_cookie(
    <<"auth">>,
    [<<"test">>],
    [{max_age, 600}, {path, "/"}, {secure, true}, {http_only, true}],
    Req
  ),
  {ok, Req3} = cowboy_req:reply(200, Req2),
  {ok, Req3, NewState}.

... or alternatively:

{reply, {text, Output}, Req2, NewState}.

as the last line

after the socket terminates and i try to reload page i do this in websocket
init:

{Cookie, Req2} = cowboy_req:cookie(<<"auth">>, Req),

and there are no cookies


any ideas what i'm doing wrong?
is this even possible with websocket or do i pretty much have to have a
dedicated regular http roundtrip to set the auth cookie?

Thanks
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20130129/a1962c85/attachment.html>


More information about the erlang-questions mailing list