Cookie authentication is lost after application reload

[StephanSchmidt]

Expected: User is still logged in after app reload because of file changes
What happens: User is logged out and login screen is shown

• Using CookieTokenAccessor
• Started with remember me example which did not work
• play2-auth 0.13.2
• Scala 2.11.6
• Play 2.3.8

Checked the other issue, but I can't see exceptions here driving this behaviour.

[gakuzzzz]

Do you override idContainer in AuthConfig implmentation?

Default implementation use on-memory EhCache as Cache API implementation.
So, It is discarded after app reloading.

Using EhCache parsistence mode, it keeps sessions.
Would you see https://github.com/t2v/play2-auth/wiki/FAQ#q-how-to-keep-logged-in-session-when-code-was-changed-in-dev-mode ?

[StephanSchmidt]

Thanks for the hint, I will try that one.

One question: I probably misunderstand how Cookie authentication works with play2-auth,

• but why is local state needed?
• Isn't everything stored in the cookie token and the user loaded as needed?

What I wanted is a remember me token where the user is 'logged in' for 3 months,

• do I also need a persistent cache?
• does the cache keep the data for 3 months?

[gakuzzzz]

the play2-auth default implementation stands by stateful becasue of security issue.
see readme or a good question in SO

If you want, you can change this behavior as own risk.

What I wanted is a remember me token where the user is 'logged in' for 3 months,

• do I also need a persistent cache?
• does the cache keep the data for 3 months?

Using default implementation, Yes it is.
However you can use a DataBase instead of Cache, and can use stateless implementation or so on.

best

[StephanSchmidt]

Thanks! Your patience is highly appreciated.