Tag Archives: php

Sharing Rails sessions with PHP, ColdFusion, and more!

Sometimes it does not make sense to store session within a cookie. It might be a size issue, or it could be sensitive information you do not want to go across the wire with each request. Whatever the reason, another option is to database the session information. Luckily rails makes it really easy to do this via active record store.

Active record store

To start databasing our sessions, we need to setup rails to use the active record store. To enable active record store we need to edit the config/initializers/session_store.rb file. We need to comment out the cookie store option and add the active record store option.

Creating the database

Next step is to create the session database table. To do that we will run the following commands…

Session data

When you create the session each created session will be entered as a record in the database. There will be id, session_id, data, created_at, and updated_at columns. The session_id will stored in a cookie and be used to retrieve the data column which contains the databased session information. The data column will store the information as a base64 encoded string. Like so.

Which can be marshaled to a ruby object upon request.

Making rails share

This works pretty well for storing sessions in rails. However, there is a problem. Ruby is using it’s internal marshaler when storing the session information. This means that any other language, such as php, coldfusion, etc cannot decode the data unless you write the marshaler 🙁

There may however, be a way around this. What if we could override rails and tell it to save the data as base64 encoded JSON instead of marshaling it? Every other language could then decode base64 strings and serialize them from JSON to native objects.

If we again edit our session_store.rb file, we can override some internal rails methods when handling sessions. Below we are overriding base the SessionStore class.

If you notice we are only overriding the marshal and unmarshal methods to preform a JSON.encode and JSON.decode instead of the traditional Marshal.load and Marshal.dump.

We can then easily read this information out in another language.