How to Build A Secure Website With Ruby On Rails 6
# Authenticate user
@user = #...
# Destroy the existing session in case anyone is sharing it and
# create a new session that you know to be unique to the user.
# Store the user's id as normal
session[:user_id] = @user.id