Learn

• What is a Cookie? Google it if you do not know.
• How are cookies transferred between your browser and the server?
  • Open the development tools in your browser for this page. Can you find the cookies your browser stores for makandracards?
  • In the network tab, can you see how the cookies are transferred to or from the server?
  • Can you log yourself out by manipulating a cookie? Can you log yourself back in?
• Understand what domains mean to cookies
  • Can cookies be shared between domains?
  • Between subdomains?
• How do cookies expire? What are "session" cookies?
• What does a cookie's "secure" flag do? Is it still relevant with HSTS?
• Look at Rails' API for managing cookies Show archive.org snapshot
  • How do you set and delete cookies?
  • What are signed cookies and how do they work?
  • What are encrypted cookies and how do they work?
• Learn about Rails sessions Show archive.org snapshot (which are not the same as 'session cookies')
• Learn about the SameSite cookie attribute

Resources

• Rails Guides - ActionController#cookies Show archive.org snapshot
• Rails Guides - ActionController#session Show archive.org snapshot

Exercise: Star movies

• In your MovieDB, implement a feature to star / unstar your favorite movies.
• Implement this with cookies or sessions without writing anything to the database.
• You can decide whether the cookie is manipulated by the server or the client.
• You can decide whether the state (movie is starred / movie is unstarred) is rendered by the server or by the client (using JavaScript). Try not to duplicate rendering logic or persistance logic though.
• Is this a good way to implement the star feature?