Rails sessions current practices

by

Use the database for sessions instead of the cookie-based default, which shouldn’t be used to store highly confidential information

Create the session table with

rake db:sessions:create

Run the migration

rake db:migrate

Make sure you also tell rails to use ActiveRecord to manage your sessions too.

Rails 3

config/initializers/session_store.rb:

Rails.application.config.session_store :active_record_store

Rails 2

config/environment.rb:

config.action_controller.session_store = :active_record_store

More Related Contents:

  1. Rails 3 disabling session cookies
  2. Rails: Access to current_user from within a model in Ruby on Rails
  3. What does Rails 3 session_store domain :all really do?
  4. Storing Objects in a Session in Rails
  5. Format a string containing Phone numbers
  6. SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
  7. How to understand nil vs. empty vs. blank in Ruby
  8. redirect_to using POST in rails
  9. Rails 4: List of available datatypes
  10. ActiveRecord.find(array_of_ids), preserving order
  11. In Ruby on Rails, how do I format a date with the “th” suffix, as in, “Sun Oct 5th”?
  12. How to create a deep copy of an object in Ruby?
  13. Is there a clean way to avoid calling a method on nil in a nested params hash? [duplicate]
  14. rescue_from ActionController::RoutingError in Rails 4
  15. Rails 4: before_filter vs. before_action
  16. query , can not select column count
  17. Why are all Rails helpers available to all views, all the time? Is there a way to disable this?
  18. Uploading multiple files with paperclip
  19. Rails 3.1 and Ruby 1.9.3p125: ruby-debug19 still crashes with “Symbol not found: _ruby_threadptr_data_type” [duplicate]
  20. Using helpers in model: how do I include helper dependencies?
  21. How to change the default path of view files in a Rails 3 controller?
  22. Why use “self” to access ActiveRecord/Rails model properties?
  23. Converting an array of objects to ActiveRecord::Relation
  24. Why can’t I install the SQLite gem?
  25. Error message: Make sure that `gem install pg -v ‘0.18.1’` succeeds before bundling
  26. RVM installed by Ruby not working?
  27. Rails 4.0 expire_fragment/cache expiration not working
  28. Always getting 401 Unauthorized with new install of Rails + Devise
  29. Why won’t Heroku accept my Gemfile.lock in Windows?
  30. Rails engines extending functionality

Leave a Comment