Re: The best way to do session expiration in HEROKU

I got it. This way the server handles no physical session data, everything related with session are stored in cookies. As for the security issue, it encrypt the cookie data with the secret key in the environment.rb. Am I right? But how can I control the expiration period? Say, I want to limit ever

Re: The best way to do session expiration in HEROKU

On Mon, Apr 14, 2008 at 10:44 PM, mega <[EMAIL PROTECTED]> wrote: > But I get this after I comment out the :active_record_store > ActionController::InvalidAuthenticityToken > Anything I can do ? go back to active_record_store? One way to fix it is probably to change your session cookie name to

Re: The best way to do session expiration in HEROKU

Hi Adam, But I get this after I comment out the :active_record_store ActionController::InvalidAuthenticityToken Anything I can do ? go back to active_record_store? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups

Re: The best way to do session expiration in HEROKU

I strongly recommend switching to cookie store, which is the default on Rails 2 (and thus Heroku). This completely eliminates the need to do any housekeeping at all. For those that don't know, you can manage this by commenting out or deleting any line that looks like this: # config.action_contr

Re: The best way to do session expiration in HEROKU

Hey Mega -- I was thinking of this too, just relying on app hits to trigger a sweep. Since you're concerned about session expiration, I assume your expiration period is really short so you're right, you can't rely on someone logging in after the last person. Maybe use both techniques? Each lo

Re: The best way to do session expiration in HEROKU

Thanks Kevin! But I think of something... In my desktop environment, I create another Model object call "Session". Instead of doing a db:migrate, I just create the model itself only because I have the "sessions" table already in the database.(I use Activerecord as my session_store) And I use Sess

Re: The best way to do session expiration in HEROKU

Hi -- this is an interesting issue. I've been wanting to learn more about scheduling automated tasks in Ruby on Heroku but haven't gotten there yet. My sessions tend to time out after a long period of time, so I haven't researched it thoroughly. But that won't keep me from commenting on both,

The best way to do session expiration in HEROKU

Dears, is there any good way to do a session expiration in Heroku? or any rules to follow? I'm a rookie in rails, and Heroku of course, Lately, I have just created some simple apps in Heroku. I notice that there are some house- keeping work to do with user sessions. Even thought I use activerecord