I have a Rails application hosted on Heroku (got the domain on GoDaddy). This app is providing the backend for an iOS application, and for some reason, when a user logs in via iOS, the user does get logged in after the initial HTTP request but thereafter is not longer logged in. However, when I log in on the browser or the iOS emulator, the user stays logged in.
Is there a security setting that may have changed on Heroku that I need to change to ensure that iOS users can receive a cookie and stay signed in? This problem is really bizarre and I have spent a lot of time trying to fix it, including manually saving the cookies on the iOS device but nothing has worked. I appreciate any insight. Thanks so much.
I realized what's going on. The problem was that because I was using protect_from_forgery method in application.rb, the iOS device was not sending back the correct authenticity token and therefore it's cookies were not accepted by the server.
The strange part of this problem is that it was working earlier and all of a sudden stopped. I'm probably going to spend some more time investigating what happened.