Cookies are part of everyday life. They are there to make your life easier and difficult at the same time. Easier in the fact that you do not have to remember as many passwords. I find myself and others just logging in to many different apps by using my gmail, Facebook, Twitter or some other account. They show a prompt that they will use certain info and I just allow it just so I can get into the app. But this is also what makes cookies difficult in our lives. As a regular person, you are probably incapable of keeping track of what site has your information and what they have, which is a concern for your privacy and security. Cookies are also there for advertisers and websites to track where you have been and what you are into and spawn up ads that specifically target your likes.
As a developer, adding in cookies is as easy as “1,2,3”. In Rails I have access to write and read cookies that are sent through the request from the user when they go on my website. There is no need to install any additional gems (libraries).
In my application I implemented my cookies in the simplest way. Once a user logs in I check to see if they clicked the “Remember Me” button.
If they do not check the option I still create a cookie but it becomes a session cookie. While they are in said browser they can close out the tab as many times as they want. But once they go back to the site they will still be logged in.
But once the user closes out of the browser the cookie disappears and they will have to log in again.
However if the user chooses the application to “Remember Me” the cookie that I have implemented will store the user ID and set an expiration date of two weeks after login.
- **It is good to note that I only create the cookie after the user is authenticated. I find that the user exists and the password matches, and once that is verified I then check to see if they wanted the application to remember them.**
By being remembered even if the user closes out of the browser when they go back onto my application it will read the cookie from the request and know that this user has already signed in and automatically “log” them in, even though there is no actual exchange of username and password.
Because of how the routes are configured I programmed it so that when I get a request, when the user goes to the “home” page and “signup” page, I first check to see if they have cookies set from my application already.
One of the things that I had to do, consciously, was to make sure that if the user decided to logout that I made sure the cookie was destroyed. Else that cookie would still be around until 2 weeks after the user sign in.
FROM_NOW??? What is that?
This method is provided by Rails. When I enter the Rails console I am able to simply type in the (number).(amount of time).from_now.
In Ruby, I go into IRB, we are unable to call this from_now. It is not as easy to calculate datetime. You have to declare a datetime first and then add time to it.