Store user id in session or find user id


#1

Hi

Im uisng the lgoin generatior that as far as I can tell stores the
username in session.

I have another table that i need to store the id of the user who creates
an entry. (the logged in user)

Is it possible to store return the id and store it in session once the
user is created.

then do somthing like @project.user_id = session[:user].id;

or can I perform a search in the product table grabbing the id of the
using the username that is stored in session?
ie userIdVar = User.find(session[:user].login)
then do @project.user_id = userIdVar

how can this be done?

Sure both ways are possible, but any suggestions and reasons to why a
certian way is better over the other?


#2

On Apr 28, 2006, at 6:32 AM, scott wrote:

Is it possible to store return the id and store it in session once the
user is created.

then do somthing like @project.user_id = session[:user].id;

How about:

@project.user = session[:user]

which does the same thing…


– Tom M.


#3

Hello Tom !

2006/4/28, Tom M. removed_email_address@domain.invalid:

then do somthing like @project.user_id = session[:user].id;

@project.user = session[:user]

which does the same thing…

Please, don’t ever do that ! Storing the user in the session means
you’ll be storing all associated objects with the user. I did that in
a project, and had 2 and 3 megabytes session files !

Better: store the ID, or do it automatically:
http://blog.teksol.info/articles/2005/10/21/model-serialization-in-session

Hope that helps !


#4

On Apr 28, 2006, at 10:33 AM, Francois B. wrote:

you’ll be storing all associated objects with the user. I did that in
a project, and had 2 and 3 megabytes session files !

Hello Francois!

I completely agree with what you’re saying, but my advice wasn’t to
store the User object in session, but on how to set the associations,
which is the question that he asked. I also assumed that the login
system he was using had already made that decision for him, and that
he wouldn’t want to change it.

Another huge problem beyond what you pointed out is that it’s quite
easy to imagine the session User object getting out of sync with the
DB…

So, yes, I agree 100%, don’t store the user object in the session.


– Tom M.