Introduction1
Sessions allow you to store objects in memory between requests. This is useful for objects that are not yet ready to be persisted, such as a Signup object constructed in a multi-paged process, or objects that don’t change much and are needed all the time, such as a User object for a system that requires login. The session should not be used, however, as a cache for objects where it’s likely they could be changed unknowingly. It’s usually too much work to keep it all synchronized — something databases already excel at.
You can place objects in the session by using the session method:
session[:person] = Person.authenticate(user_name, password)And retrieved again through the same hash:
Hello #{session[:person]}Any object can be placed in the session (as long as it can be Marshalled). But remember that 1000 active sessions each storing a 50kb object could lead to a 50MB memory overhead. In other words, think carefully about size and caching before resorting to the use of the session.
If you store a model in the session, you must also include a line like:
model :person
For that particular controller. In Rails, you can also just add it in your app/controller/application.rb file (so the model is available for all controllers). This lets \ActionPack know to have the model definition loaded before retrieving the object from the session. See WhenToUseTheModelMethod for more information.
For removing objects from the session, you can either assign a single key to nil, like session[:person] = nil, or you can remove the entire session with reset_session.
See also
- HowtoWorkWithSessions
- HowtoChangeSessionOptions
- HowtoChangeSessionStore
- HowtoAvoidSessionRestoreError
- UnderstandingHowStateIsMaintained
1 lifted from “Sessions” section of http://rails.rubyonrails.com/classes/ActionController/Base.html