where does rails pull the session id from the cookie and connect the request with the session?

i was hoping someone could point me to the place where rails is using
the cookie to match the request to the session. i see some session
logic in cgi/session, but i can't seem to find where it actually uses
the cookie.

fyi, i'm asking because i'm having an issue where i set the user during
login, but the redirect following the login is using (or creating) a
different session. it happens intermittently, not every time, so
poking around for some clues. thanks in advance!