I would like to avoid creating sessions for users who are not logged in. To that end, I have added the following to my ApplicationController:
session :off, :if => Proc.new { |req| req.session[:user_id].nil? }
Based on my understanding, if the Proc returns true (e.g. session[:user_id] is null), a session will not be created. This does not seem to be working though as a session is always created in the DB. Any thoughts?
Thanks, Josh
I would like to avoid creating sessions for users who are not logged in. To that end, I have added the following to my ApplicationController:
session :off, :if => Proc.new { |req| req.session[:user_id].nil? }
I think the problem here is that you are accessing the request session, which in turn causes a session to be created. You need a way to say "give me the session if it exists, but if it doesn't exist don't bother". A cursory glance at the source (cgi_process.rb is the interesting file suggests that there is no api for this and you'll just have to look for the presence of an @session instance variable in the request object.
Fred
Thanks Fred, that did seem to be part of the problem.
Now, the trick is initializing the session when I need it in my SessionController#new action. Any thoughts? Can I just initialize a new CgiSession here?
Updated code:
session :off, :if => Proc.new { |req| !session_exists?(req) }
private class << self def session_exists?(request) request.instance_variable_defined?(:@session) end end