Rails: How to store data in session?

Question

I\'m making an writing exam practice web app in Rails. The problem is that if users\' answers are submited to the Internet, they will easily be detected by ETS. So when user

Answer 1

1. Rails stores data in a database (doesn't have to be on the "Internet")
2. Storing lots of data in sessions is a really bad idea

---

Sessions

Rails sessions are meant to keep consistency throughout your app

IMO, sessions are best used for storing "snippets" of data (such as a single object, ids etc), and are best used for these types of functions:

• Shopping carts
• Security-centric systems (keeping secure data)
• Authentication (keeping a user logged in)

---

Database

What you've asked is how you store people's answers in sessions

I would argue you should store them in a database, but secure that DB with authentication (such as Devise):

#app/controllers/answers_controller.rb
def new
    @answer = Answer.new
end

def create
    @answer = Answer.new(answer_params)
    @answer.save
end

private

def answers_params
     params.require(:answer).permit(:body, :question_id).merge(user_id: current_user.id)
end 

This will allow you to store the answers in a database (the database can be on your local computer, local Intranet, or anywhere you want)

---

Security

The key for you will be to secure your data

This is called Authentication, and without going into huge detail, here's a great resource for you:

http://railscasts.com/episodes/250-authentication-from-scratch