I got it.
This way the server handles no physical session data, everything
related with session are stored in cookies.
As for the security issue, it encrypt the cookie data with the secret
key in the environment.rb. Am I right?
But how can I control the expiration period? Say, I want to limit
ever
On Mon, Apr 14, 2008 at 10:44 PM, mega <[EMAIL PROTECTED]> wrote:
> But I get this after I comment out the :active_record_store
> ActionController::InvalidAuthenticityToken
> Anything I can do ? go back to active_record_store?
One way to fix it is probably to change your session cookie name to
Hi Adam,
But I get this after I comment out the :active_record_store
ActionController::InvalidAuthenticityToken
Anything I can do ? go back to active_record_store?
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
I strongly recommend switching to cookie store, which is the default
on Rails 2 (and thus Heroku). This completely eliminates the need to
do any housekeeping at all.
For those that don't know, you can manage this by commenting out or
deleting any line that looks like this:
# config.action_contr
Hey Mega -- I was thinking of this too, just relying on app
hits to trigger a sweep. Since you're concerned about
session expiration, I assume your expiration period is
really short so you're right, you can't rely on someone
logging in after the last person.
Maybe use both techniques? Each lo
Thanks Kevin!
But I think of something...
In my desktop environment, I create another Model object call
"Session".
Instead of doing a db:migrate, I just create the model itself only
because I have the "sessions" table already in the database.(I use
Activerecord as my session_store)
And I use Sess
Hi -- this is an interesting issue. I've been wanting to
learn more about scheduling automated tasks in Ruby on
Heroku but haven't gotten there yet. My sessions tend to
time out after a long period of time, so I haven't
researched it thoroughly.
But that won't keep me from commenting on both,
Dears, is there any good way to do a session expiration in Heroku? or
any rules to follow?
I'm a rookie in rails, and Heroku of course, Lately, I have just
created some simple apps in Heroku. I notice that there are some house-
keeping work to do with user sessions. Even thought I use activerecord