Rails Session: How it works?

Emeka · May 23, 2011, 6:21am

Hello All,

I would need someone to explain to me how Rails session works? I need all the options available and tricks (if any).

Regards, Emeka

James_P_Tobin · May 23, 2011, 6:42am

It’s pretty tough to answer such a vague question. What about the Guide didn’t help you? http://guides.rubyonrails.org/security.html

Emeka · May 23, 2011, 7:16am

Hello Jim,

Thanks for that link. However, I would want to know how it is accomplished? is it cookie based? And which algorithm is used to generate the random object?

Emeka

Peter_De_Berdt · May 23, 2011, 8:03am

Yes, a session is cookie-based.

If you want to find out every single little detail, just read the Rails codebase. That’s the great thing about opensource, isn’t it?

Best regards

Peter De Berdt

Emeka · May 23, 2011, 9:15am

Thanks so much.

However, I am using the so-called cookieStore.

session[:user_id] = user.id

Will this be saved at the client? Will the client see the user.id?

What is saved at the client? And how is the server relates to that?

Emeka

Chris_Mear2 · May 23, 2011, 9:28am

These questions are all answered in the first few paragraphs of the 'Session' section of 'Action Controller Overview' guide:

and there is more detail along with security recommendations in the Security Guide:

Chris

Emeka · May 23, 2011, 9:32am

Thanks you all.

Emeka

Topic		Replies	Views
Help with sessions rubyonrails-talk	1	90	May 9, 2007
session madness argh rubyonrails-talk	3	128	May 23, 2008
Question RE: ActionController::Base.session and ActionController::Base.session_store rubyonrails-talk	3	190	September 27, 2010
Ruby on Rails sessions rubyonrails-talk	2	113	July 5, 2013
where does rails pull the session id from the cookie and connect the request with the session? rubyonrails-talk	0	121	November 14, 2006

Rails Session: How it works?

Related topics

More Resources