Hi everyone,
My goal is to allow users of a Rails web app to see all their open
sessions on other computers and close/sign out of them remotely.
Similar to gmail’s “Account activity” page (link found at the bottom
of the gmail inbox page).
I can technically achieve this by using the sessions in the database
account_sessions = CGI::Session::ActiveRecordStore::Session.find
(:all)
and iterating over them to find sessions corresponding to the current
user (the user ID is stored in the session data), and allowing the
user to destroy these sessions.
However, this doesn’t offer the usual convenience of working with
Rails models. I can’t easily express a has_many relationship with the
user and make use of
current_user.sessions
nor can I easily put an index on user_id since it’s in the data part
of the session (instead of being its own column).
This approach also may become impractical if the number of sessions
grows, since in the above the table is read into memory.
As a solution, I’m thinking of creating my own model which “mirrors”
the relevant portions of the session and is created/updated/destroyed
to maintain that correspondence.
This isn’t a great way to go about it due to data replication and
added complexity of code, but I didn’t find another way to do it.
So the question is: is this a good way to go about it, or am I missing
something?
Thanks in advance!
Fraser