session question - unique identifier in cookie store?

rubyonrails-talk
1

Hi,

I recently switched to the cookie session store for my rails app, and I am wondering how I can access some kind of unique identifier for each session between requests. It used to be (when I was using active record store) that the session id was set and that string didn’t change between requests. Now, of course, the session id does change between requests because that is where the session data is stored. However, rails must be setting some unique identifier in this encrypted string, otherwise there wouldn’t be any session tracking. How can I access such a unique identifier? I realize I get just set a variable, but it seems pointless to redo something that is already being handled by rails.

FYI, I was using the session_id to track the number of plays of a given song on my site, in order to know how many times a song was played by a unique user I track their session id in the database.

Thanks for any info.

Sean

2

Hi,

I recently switched to the cookie session store for my rails app,
and I am wondering how I can access some kind of unique identifier
for each session between requests. It used to be (when I was using
active record store) that the session id was set and that string
didn't change between requests. Now, of course, the session id does
change between requests because that is where the session data is
stored. However, rails must be setting some unique identifier in
this encrypted string, otherwise there wouldn't be any session
tracking. How can I access such a unique identifier? I realize I get
just set a variable, but it seems pointless to redo something that
is already being handled by rails.

The point of the session_id was to connect a user to a row in the
database with session info (or file on disk etc...) This isn't needed
with the cookie store, (since the cookie is the store) and so I don't
think there is one. You could probably add one in yourself.

The data isn't actually encrypted: it's just base 64 encode marshaled
data (with a cryptographic hash). You can see the entire session by
taking the first bit of the cookie (before the --) and run it through
Marshal.load(string.unpack('m').first)

Fred