Home/ Questions/Q 323453
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-12T09:01:57+00:00

WARNING: Complete newbie to RoR and Ruby alert! * I have a login method

  • 0
  • WARNING: Complete newbie to RoR and Ruby alert! *

I have a login method that looks like this: 

@user = Person.find(:first, :conditions => ["email=?", params[:email]])
if @user and @user.password==params[:user_password]
   session[:user] = @user
else
   flash[:warn] = 'Invalid password!'

However, the user record can get very large, so I don’t want to store the entire user record in my cookie session.

How can I modify this code so that a specific field does not get stored in the session? There are two fields that can get very large (very large user profile data) and will not fit within the cookie session 4 kilobyte limit, so I want to exclude those from being stored in the session.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I would do :

    session[:user] = @user.id

    And then create a before_filter going something like this:

    before_filter :get_user

def get_user
  @user = User.find_by_id(session[:user])
end

    edit: This is not exactly what you were looking for, but if you can’t store all the object in the session variable you might want to consider this option. It’s only one request so it won’t be too resource intensive. Plus like this you can check at every page load that the user exists and this might be helpful, security wise.

    • 0