Rails Session
Rails session is only available in controller or view and can use different storage mechanisms. It is a place to store data from first request that can be read from later requests.
Following are some storage mechanism for sessions in Rails:
- ActionDispatch::Session::CookieStore – Stores everything on the client.
- ActionDispatch::Session::CacheStore – Stores data in the Rails cache.
- ActionDispatch::Session::ActiveRecordStore – Stores data in the database using Active Record.
- ActionDispatch::Session::MemCacheStore – Stores data in a memcached cluster
All the storage mechanisms use cookie to store a unique ID for each session. Generally this ID look up the session data on the server like database table. There is one exception, that is the default and recommended session store is the CookieStore which stores all session data in the cookie itself. It is very light-weighted and it requires zero setup in a new application in order to use session. The cookie data is encrypted and cryptographically signed to make it tamper-proof.
Complex objects should not be stored in the session, as server may not reassemble them between requests which will ultimately results in error.
Accessing the Session
The session can be accessed through the session instance method. If sessions will not be accessed in action’s code, they will not be loaded.
Session values are stored using key/value pair like a hash. They are usually 32 bit character long string.
In Rails, data can be save and retrieve using session method.
To store data in the session, assign it to the key.
To remove data from the session, assign that key to be nil.
To reset the entire session, use reset_session.
Session Example
We will create a simple log in form using session. Once a user is signed in, his credentials will be saved. Only signed in users will be able to log in. You can also view all the sign in users.
Step 1 Create an application log
Step 2 Change your directory to log
Step 3 Go to the Gemfile of your application. Activate the line gem ‘bcrypt’ and deactivate the line gem ‘jbuilder’ in the file.
Step 4 Now run the bundle
Step 5 Create a controller.
Step 6 Change the config/routes.rb file.
Step 7 Generate a user scaffold.
Step 8 Migrate your database.
Step 9 Go to app/models/user.rb file and write following code.
Step 10 We need a session mechanism to create a login and logout procedure.
Step 11 Go to config/routes.rb file and change the following data.
Step 12 Create a login form in app/views/sessions/new.html.erb file.
Step 13 Go to app/controllers/sessions_controller.rb file and write the following code.
Step 14 We need to create a current_user method to access current user in the application. Go to the app/controllers/application_controller.rb file and write the following code.
Step 15 Go to the app/views/layouts/application.html.erb file and write the following code in the body.
Step 16 Delete following line from app/views/users/show.html.erb and app/views/layouts/index.html.erb files.
Step 17 When a new user sign up, he/she will be auto login. For this, we need to set session in the app/controllers/users_controller.rb file.
Step 18 Start your Rails server in the console.
Step 19 Go to the browser.
Let us Sign Up for a user Anna.
On clicking Back button, you can see all signed in users.
Now let us log in from the user Anna.