[WIP] Skip saving session for all API requests

jrafanie · jrafanie · commit 8e377b408e10 · 2025-07-29T18:16:49.000-04:00
TODO: Determine if we can filter this to just GET requests and if we
need to watch for the CSRF protections which generally require saving
cookies.
diff --git a/app/controllers/api/base_controller.rb b/app/controllers/api/base_controller.rb
@@ -1,5 +1,11 @@
 module Api
   class BaseController < ActionController::API
+    after_action :skip_session
+
+    def skip_session
+      request.session_options[:skip] = true
+    end
+
     TAG_NAMESPACE = "/managed".freeze
 
     #
