Restful_authentication: update of users' attributes on every page load upon 'Remember me' being ena

Hello there,

I just noticed a kinda weird thing: if users log in with the ‘Remember
Me’ option enabled, their records in the db get updated everytime the
user reloads a page, because apparently restful_authentication’s code
updates the remember_token_expires_at & remember_token attributes for
each page load (not only once on the actual login (from cookie).

Wouldn’t it make much more sense to set this remember_token_expires_at
and the corresponding token once only and that’s it? Or am I missing
something?

Just wanna make sure the db doesn’t get hit (writing-wise) over and
over again during a users’ browsing session on the site.

-J

Say that a user spends 2 hours on one website doing stuff, and their
remember token is saved only when they log in. After 2 hours they’re
going
to be doing something extremely critical (as all people who surf
websites
for 2 hours straight obviously do) and then their next action there not
going to be logged in!

On Dec 17, 2007 10:06 AM, Joerg B. [email protected]
wrote:

and the corresponding token once only and that’s it? Or am I missing
something?

Just wanna make sure the db doesn’t get hit (writing-wise) over and
over again during a users’ browsing session on the site.

-J


Ryan B.
http://www.frozenplague.net

Ryan,

well the default remember_me timeout is set to two weeks, so that
shouldn’t happen & a user typically doesn’t idle on a website with his/
her browser open for 2 weeks … well at least I hope so :wink:

I do understand the basic idea behind it, but just wondering whether
it is really necessary this way…

-J

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs