The concept of “Sessions” is based on the fact that the user’s state is somehow preserved when it moves from one page to another.
Think about how browsers monitor that the user is logged in when the page reloads. HTTP requests do not have states, so how do you determine if the request came from a logged-in user? That’s why cookies are important — they allow you to query from a query to a query until their expiration date has expired.
A special case is when you want to track user session data, which includes everything that the user does, until you want to “remember” it, usually until the user closes the browser window. In this case, each page, its user visited before closing the browser will be a single session.
To identify the user session, Rails stores in the user’s browser a special secure and change-protected cookie that contains all session hash, and it stops working when the browser is closed. Whenever a user makes a request to your application, this request automatically includes the session cube (like the rest of the cookies), and you can use it to track whether the user is logged on.
Rails gives you access to the hash of the ‘session’ in much the same way as the hash of the ‘cookie’. Use a variable session in your views or controllers, like so:
Why do we need cookies and sessions?
It looks like, but it’s not the same thing.
Session is the entire hash, which is stored in a safe session cookie, which is valid until the moment the browser is closed. If you look in the developer tools, then the expiration of this cookie is designated as “session”. Each value of the hash of the cookie is stored in a separate cookie.
So, cookies and sessions are something like temporary tables in a database in which you can store data unique to a particular user and that will be stored until you delete them, or until they have expired, or until the end of the session.
The amount of data that you can store in a session hash or browser cookies is limited (~ 4 kb). This is sufficient for any “normal” purposes, but you do not need to try to replace this database with a repository.