235 Cookies and Rails Sessions [1d]


Learn

  • What is a Cookie? Google it if you do not know.
  • How are cookies transferred between your browser and the server?
    • Open the development tools in your browser for this page. Can you find the cookies your browser stores for makandracards?
    • In the network tab, can you see how the cookies are transferred to or from the server?
    • Can you log yourself out by manipulating a cookie? Can you log yourself back in?
  • Understand what domains mean to cookies
    • Can cookies be shared between domains?
    • Between subdomains?
  • How do cookies expire? What are "session" cookies?
  • What does a cookie's "secure" flag do? Is it still relevant with HSTS?
  • Look at Rails' API for managing cookies
    • How do you set and delete cookies?
    • What are signed cookies and how do they work?
    • What are encrypted cookies and how do they work?
  • Learn about Rails sessions (which are not the same as 'session cookies')
  • Learn about the SameSite cookie attribute
  • What are "Local storage" and "Session storage" and how do they compare with cookies?

Exercise: Star movies

  • In your MovieDB, implement a feature to star / unstar your favorite movies.
  • Implement this with cookies or sessions without writing anything to the database.
  • You can decide whether the cookie is manipulated by the server or the client.
  • You can decide whether the state (movie is starred / movie is unstarred) is rendered by the server or by the client (using JavaScript). Try not to duplicate rendering logic or persistence logic though.
  • Is this a good way to implement the star feature?

Last edit: Michael Leimstädtner
License: Source code in this card is licensed under the MIT License.
Posted by Henning Koch to makandra Curriculum (2015-10-01 13:40)