@samlandfried
Forked from case-eee/sessions.md
Last active April 3, 2017 17:15
Sessions, Cookies, and Flashes

  1. If we didn't have cookies and sessions, what would happen?
  • We wouldn't be able to persist anything that didn't exist in our database. We'd be at the mercy of the stateless model.
  2. What is a cookie?
  • An insecure, hash-like object that persists data across sessions.
  3. What's the difference between a cookie and a session?
  • A session's data is serialized, making it more difficult to manipulate its contents.
  4. What's serialization and how does it come into play with sessions?
  • Serialization protects the contents of a session object. It requires a special key to deserialize it. The key is held by the Rails app.
  5. Why would we want to store a user id in a session?
  • Because if it were in a cookie, a user could modify their id, perhaps to give themselves access to admin privileges.
  6. What is a flash? How long does a flash have before it expires?
  • A flash is a hash-like object that can pass messages to the client. It expires every time it is accessed.
  7. What syntax would I use to add a user_id key and value to the session?
  • session[:user_id] = 12
  8. What does "HTTP is stateless" mean?
  • The protocol does not persist data, meaning it has no knowledge of previous requests.