3

I would like to know in Rails

what is the difference between

ActionDispatch::Sessions::CookieStore and ActionDispatch::Sessions::CacheStore

For CacheStore, i assume Rails store the session in memory(RAM)? What about CookieStore, where are they storing?

Kit

TheOneTeam
  • 25,806
  • 45
  • 116
  • 158

1 Answers1

3

CookieStore is stored in the client's browser as a cookie. The cookie is signed with your application's secret key so theoretically they should not be able to tamper with it. See here for more information.

CacheStore is stored in whatever ActiveSupport::Cache::Store is using to store information (i.e. memcached or redis, on the server side not on the client side). See here for more information.

hjing
  • 4,922
  • 1
  • 26
  • 29
  • I am thinking if CookieStore, it would be similar to token based authentication. – TheOneTeam May 16 '14 at 03:51
  • Can you elaborate? A common use case of the session is to store the id of an authenticated user once they enter their username and password. Token based authentication is used to authenticate a user without them giving you their username and password. http://stackoverflow.com/questions/1592534/what-is-token-based-authentication – hjing May 16 '14 at 04:07
  • Both of them storing information as cookies, token or sessionID, for each request, they would authenticate using the sessionID / token. That's why i think similiar – TheOneTeam May 16 '14 at 04:11