Forum: Ruby on Rails ActiveRecord session store in Rails 3

964a342aa95dcf20593ab8d14fa72039?d=identicon&s=25 Javier Baena (jbaena)
on 2011-01-12 10:12
Hi there!

I am currently learning Rails 3 and have some doubts regarding sessions
and RESTful authentication, hope you can help me.

By default, Rails stores session information using cookies. That means
that if I do session[:user_id] = @user.id , it is stored in a cookie
automatically, so that's all I have to do.

When I use ActiveRecord store, instead, we use the database for storing
session information.

The book I am following, explains together the ActiveRecord store for
sessions and the RESTful authentication, so I'm afraid I have mixed up
some concepts.

My doubt is: When using ActiveRecord storage for sessions, is this just
like using the cookie option, but with Rails automatically storing it in
the database? I mean, woul I still use it just like session[:user_id] =
@user.id and would Rails take care of storing it into the database?

If so, declaring sessions as a Resource, would be independent from using
ActiveRecord store, wouldn't it?

I understand that, without declaring Sessions as a resource, I wouldn't
have RESTful authentication, but the book uses ActiveRecord store, and
next, declares Sessions as a resource, and I don't know if those are
independent.

Hope I have explained myself :)

Thanks for your responses!
81b61875e41eaa58887543635d556fca?d=identicon&s=25 Frederick Cheung (Guest)
on 2011-01-12 10:55
(Received via mailing list)
On Jan 12, 9:12am, Francisco javier Baena <li...@ruby-forum.com>
wrote:
>
> The book I am following, explains together the ActiveRecord store for
> sessions and the RESTful authentication, so I'm afraid I have mixed up
> some concepts.
>
> My doubt is: When using ActiveRecord storage for sessions, is this just
> like using the cookie option, but with Rails automatically storing it in
> the database? I mean, woul I still use it just like session[:user_id] =
> @user.id and would Rails take care of storing it into the database?

Whichever the session store (cookie store, activerecord store memcache
store etc.) the api (ie. how you use it in your app) is the same.
>
> If so, declaring sessions as a Resource, would be independent from using
> ActiveRecord store, wouldn't it?
>
Correct.

Fred
280b78a61a968391b7e07e912be102a8?d=identicon&s=25 Robert Walker (robert4723)
on 2011-01-13 22:23
Frederick Cheung wrote in post #974199:
> On Jan 12, 9:12am, Francisco javier Baena <li...@ruby-forum.com>
> wrote:
>>
>> The book I am following, explains together the ActiveRecord store for
>> sessions and the RESTful authentication, so I'm afraid I have mixed up
>> some concepts.
>>
>> My doubt is: When using ActiveRecord storage for sessions, is this just
>> like using the cookie option, but with Rails automatically storing it in
>> the database? I mean, woul I still use it just like session[:user_id] =
>> @user.id and would Rails take care of storing it into the database?
>
> Whichever the session store (cookie store, activerecord store memcache
> store etc.) the api (ie. how you use it in your app) is the same.

As Fred explained there's little difference in how you use sessions
regardless of how they are stored, but it would be a good idea for you
to understand the tradeoffs and limitations of each type of storage.

For example the cookie session store is pretty much maintenance and
configuration free, but it is limited to 4K of data. This should be
sufficient for most application.

ActiveRecord session stores don't have a size limit, but may require
some maintenance to clear old sessions from the database.

Memcache also removes the 4K limit, but may require configuration of a
memcached server.
Please log in before posting. Registration is free and takes only a minute.
Existing account

NEW: Do you have a Google/GoogleMail, Yahoo or Facebook account? No registration required!
Log in with Google account | Log in with Yahoo account | Log in with Facebook account
No account? Register here.