Forum: Ruby on Rails Rails 2.3 Sessions

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Ebb9ea522e32cf2da1764f4db1a8f744?d=identicon&s=25 Danilo Castilho (dan_sp)
on 2009-03-26 12:30
(Received via mailing list)
I've just upgraded to Rails 2.3.2. I am using active_record_store as
my session approach and session.model is deprecated.  I was using that
to update a couple extra session db columns. Does anyone knows what is
the best approach for that now, since ActiveRecord::SessionStore does
not help that much?

thanks!
755ce31e146e1596c853d63bf4636657?d=identicon&s=25 Scottie35 (Guest)
on 2009-04-02 10:58
(Received via mailing list)
On Mar 26, 12:45 pm, Danilo Castilho <dncasti...@gmail.com> wrote:
> I've just upgraded to Rails 2.3.2. I am using active_record_store as
> my session approach and session.model is deprecated.  I was using that
> to update a couple extra session db columns. Does anyone knows what is
> the best approach for that now, since ActiveRecord::SessionStore does
> not help that much?

I had the exact same problem, and I couldn't find any help anywhere.
So I played with it until I got it to work. This is what I did to put
the user id in the sessions table upon login:

In session.rb:

class Session < ActiveRecord::Base
  def self.update_user_id(id, sess_id)
    connection.update("UPDATE sessions SET user_id = '#{id}' WHERE
session_id = '#{sess_id}'")
  end
end

In login action in the controller:

if session[:userid] = User.authenticate(params[:user][:username],
params[:user][:password])
  Session.update_user_id(session[:userid], request.session.session_id)
  [...]

IOW, this:

session.model.user_id = session[:userid]

becomes this:

Session.update_user_id(session[:userid], request.session.session_id)

Apparently one has to call "session[:userid]" or in order to
"activate" the session since it is now lazy (ie it won't load unless
you access it). Otherwise, the "request.session.session_id" part won't
work.

Hope this helps!
Ebb9ea522e32cf2da1764f4db1a8f744?d=identicon&s=25 Danilo Castilho (dan_sp)
on 2009-04-03 22:14
(Received via mailing list)
Your suggestion helped a lot! I've followed a slightly different
approach,
but using your idea. What I did was add the following private method in
my
login controller:

 def session_user_id(id)
    ActiveRecord::Base.connection.update("UPDATE sessions SET user_id =
#{id} WHERE session_id = '#{request.session.session_id}'")
  end

And then I just do this in the login action:

  session[:user] = user.id
  session_user_id(session[:user])

I think that there is an advantage in this approach. No need to deal
with
any custom session classes and the method is only available where it
should
be.

cheers!
This topic is locked and can not be replied to.