Ruby on Rails/ActionController/Sessions



For a technical explanation of a Session take a look at the Wikipedia article about Sessions.

In Rails you have some options to store the session. Most of the time you want to store the session on the server, but with security-relevant data, you might want to consider storing the session inside a database. To change the session storage, edit config/initializers/session_store.rb and be sure to read on the RoR Website carefully.

Work with your session


As with the parameters, Rails provides a simple way of accessing your session. Consider following example:

def show_details
  #we may use this inside a user-specific action

As you can see, you access the session in a similar way to the parameters. Storing a session isn't much more complicated:

def index
  #we have some code here to get the user_id of a specific (logged-in) user
  session[:current_user_id] = id

To destroy the session, just assign it a nil-value

session[:current_user_id] = nil

Displaying a Flash-message


Flashes are very special and useful part of a session. You may have already found it in one of the view files. Here is how they work: As said, Flashes are special. They exist only once and are destroyed after each request. Flashes are useful to display error messages or notices to the user (e.g. when he tries to log in or if his request resulted in an error)

Inside an action flashes can be used similar to:

def check
  #code that does some validation
  flash[:notice] = "Successfully logged in"

Inside the view you can access it like:

<% if flash[:notice] -%>
    <%= flash[:notice] %>
<% end -%>
<!-- maybe some HTML-Code -->
<% if flash[:warning] -%>
    <%= flash[:warning] %>
<% end -%>

As illustrated in the example, you are not limited to a single flash. Multiple flashes can be accessed by their name you have defined inside the controller.