Forum: Ruby on Rails Modifying a session variable from a different process?

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Fcdafe495dccc04d27f6dbbcdf54aecc?d=identicon&s=25 Woei Shyang (generik)
on 2006-03-24 03:05
Hi,

I've implemented a log in session "thing" that essentially works by
holding the model of the logged in user in a session variable, like
this:

session[:user] = user

However let's say at this point in time, should an administrator of the
system decide to revoke this user's account, the session variable for
that currently logged in user is still valid, and hence he will still be
able to access the system!

Is it possible to modify a session variable even if it doesn't belong to
the currently running process? The only other alternative for such a
problem would be to poll the user database table each time to check if
that user is still valid, which doesn't sound all that great.
59de94a56fd2c198f33d9515d1c05961?d=identicon&s=25 Tom Mornini (Guest)
on 2006-03-24 05:23
(Received via mailing list)
Store the ID that fetch the model each request.

--
-- Tom Mornini
This topic is locked and can not be replied to.