Rails 会议当前的实践 [英] Rails sessions current practices

查看:13
本文介绍了Rails 会议当前的实践的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

有人对 Rails 和会话有任何最佳实践"提示吗?Rails 3 的默认会话类型仍然是 CookieStore,对吗?我使用了 SqlSessionStore 一段时间,它运行良好,但我可能会放弃使用 CookieStore.

Anyone have any "best practices" tips for Rails and sessions? The default session type for Rails 3 is still CookieStore, right? I used SqlSessionStore for a while and it worked well, but I may move away from that in favor of CookieStore.

将 CookieStore 用于敏感信息是否仍然不是一个好主意,即使是加盐信息,还是更好地存储在数据库中?

Is it still not a good idea to use CookieStore for sensitive info, even with salted info or is that better stored in the DB?

推荐答案

将数据库用于会话,而不是基于 cookie 的默认设置,后者不应用于存储高度机密的信息

Use the database for sessions instead of the cookie-based default, which shouldn't be used to store highly confidential information

rake db:sessions:create

运行迁移

rake db:migrate

确保你也告诉 Rails 使用 ActiveRecord 来管理你的会话.

Make sure you also tell rails to use ActiveRecord to manage your sessions too.

config/initializers/session_store.rb:

config/initializers/session_store.rb:

Rails.application.config.session_store :active_record_store

轨道 2

config/environment.rb:

Rails 2

config/environment.rb:

config.action_controller.session_store = :active_record_store

这篇关于Rails 会议当前的实践的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆