Sessions, Cookies, and Flashes
- If we didn't have cookies and sessions, what would happen?
There would be no data transfer/memory between each click of the page; victim of statelessness
- What is a cookie?
Object that you can access like a hash; store non-secure things in browser; expire
- What's the difference between a cookie and a session?
Session's data is serialized; more secure; expires at end of browser session. (session is maintained browser side, cookie = server-side)
- What's serialization and how does it come into play with sessions?
Change format of storage; can't just read or edit; gives security
- Why would we want to store a user id in a session?
Keep track of decisions the user makes; roles of current_user; namespacing levels of user; who is it & what should they be able to see? Allows you to put logic in view. Session-specific so people can't mess around with admin/security
- What is a flash? How long does a flash have before it expires?
Another type of object used to send information through messages; self-destructs after opening (every page load). There are ways to change defaults (manually; keep?)
- What syntax would I use to add a user_id key and value to the session?
session[:user_id] = "value"
- What does "HTTP is stateless" mean?
Each request/response is brand-new again