Rails: How to store data in session?

后端未结

关注

 3  1635

I\'m making an writing exam practice web app in Rails. The problem is that if users\' answers are submited to the Internet, they will easily be detected by ETS. So when user

相关标签:

3条回答

别那么骄傲

2020-12-17 09:47

My approach to this, is to store users' eassay in session. So it will not be upload to Internet at all.

Technically, that is not correct. The default implementation of sessions in rails is cookie based. So if you write something to the session, it's written to a cookie on the client. With each following request to your server, the cookie is send to the server, which i assume, is somehow connected the internet.

Also, cookies and therefore sessions, are restricted in size (about 4kb). So you might not be able to store everything in a session.

The problem is that if users' answers are submited to the Internet, they will easily be detected by ETS

That's the real question here:

Usually, if one doesn't want that other people (e.g. the ETS) can read your content, you restrict the access to the content. Either by passwords or by other means.

So, use some sort of authentication (answer by @Rich Peck), be extra careful that your content is only visible after an successful authentication, don't give the passwords to the ETS and you should be fine.

0 讨论(0)
发布评论:

提交评论
- 加载中...
名媛妹妹

2020-12-17 09:50
To store something in a session you can do:
```
session[:answer] = "some answer"
```
Then you can call the answer with:
```
session[:answer]
```
Or you could use HTML5 localstorage:
```
<script>
  localStorage.setItem("essay", "text");
  localStorage.getItem("essay"); // => "text"
</script>
```
0 讨论(0)
发布评论:

提交评论
- 加载中...
离开以前

2020-12-17 09:53
1. Rails stores data in a database (doesn't have to be on the "Internet")
2. Storing lots of data in sessions is a really bad idea
Sessions

Rails sessions are meant to keep consistency throughout your app

IMO, sessions are best used for storing "snippets" of data (such as a single object, ids etc), and are best used for these types of functions:
- Shopping carts
- Security-centric systems (keeping secure data)
- Authentication (keeping a user logged in)
Database

What you've asked is how you store people's answers in sessions

I would argue you should store them in a database, but secure that DB with authentication (such as Devise):
```
#app/controllers/answers_controller.rb
def new
    @answer = Answer.new
end

def create
    @answer = Answer.new(answer_params)
    @answer.save
end

private

def answers_params
     params.require(:answer).permit(:body, :question_id).merge(user_id: current_user.id)
end 
```
This will allow you to store the answers in a database (the database can be on your local computer, local Intranet, or anywhere you want)

Security

The key for you will be to secure your data

This is called Authentication, and without going into huge detail, here's a great resource for you:

http://railscasts.com/episodes/250-authentication-from-scratch
0 讨论(0)
发布评论:

提交评论
- 加载中...