Cookies, Sessions and Flash Messages

Writing programs with Ruby on Rails is great, but a Ruby on Rails program that can persist data with cookies, sessions and flash messages makes for an even better overall user experience. Lets take a step back for a minute and think what it means to have persistence in Ruby.

HTTP STATELESS

To understand persistence, lets first start by taking a look at what HTTP (Hypertext Transfer Protocol) Stateless is and how this relates to persistence. HTTP is considered a Stateless protocol because each request sent is made in isolation and requires no inference from previous or future calls. HTTP was built this way in order to simplify server design and require it to not store information on each call. This does however require for each call to the server being made to persist data if need be, for example if you were to need to keep track of the correct answers in a trivia app, you would need to pass that information to the server each time.

Cookie Monster

COOKIES

Now that we understand whats going on with HTTP Stateless, lets talk about some ways we persist data. One way this can be done, is thru cookies. Cookies are a way for us to pass data and prevent it from being reset unless requested. Cookies are great because there a building block for persistence, however this technology is not infallible. Cookies are easily manipulated, by simply accessing the console on a page and navigating to the cookies section, its easy to change things, for example with our trivia app its easy to access the cookie that store the correct answer and change it to whatever we like.

Knowing that cookies may have there pros and cons, lets take a look at how we may implement them. Keeping with our example of a trivia app, we may have something in a controller written like this:

Flatiron Trivia App — Cookies

Above is a code snip it of a controller using cookies to help persist the correct answer given each time a new question is given(or created). If we take a look at the create method, we can see this is accomplished by first checking to see if there is a correct answer, if there is none then the number_correct remains at 0. Then this response is set to check to see if it is the correct answer, if so the number_correct is add by 1. Now since numbers_correct comes thru as a string this needs to be turned in to a integer, hints the .to_i at the end of the cookie before the + 1. Next we return a flash message(we will get to this!) and finally redirects_to the trivia question route in this case ‘/random_question’ to populate the next question. WHEW, that’s a lot going on, that’s not even including whats going on in the rest of the controller, let alone how to display this to the front-end, no wonder devs charge so much!

Encryption

SESSIONS

You ever wonder how when you pass information to your bank online for example such as your log-in and password, how this information is sent and stored securely, well we accomplish thru sessions. Sessions are a secure way of passing this information in an encrypted way. This is typical done thru a string of random characters only accessible to the receiver to prevent any type of malicious handling. Keeping with the trivia example, you can simply replace cookies with session and voila! information being passed is now encrypted.

Flatiron Trivia App — Sessions

Now the user playing this trivia game is no longer able to manipulate the correct answers thru the console and instead must actually provide the correct answer in order to receive points. This is a great scenario for when you would want to use sessions over cookies, honestly in this day and age of the interwebs, sessions is almost always to better answer to passing information along.

Flash (John Welsey Shipp)

FLASH MESSAGES

Alright, now that we looked into a couple ways of persisting data continuously, lets look at a way we can simply pass it once before it is lost in the ether. This can be done thru something called a flash message. Flash messages are a great way to pass information on the the screen once to give the user notice of something, such as an error being made. In our code snip it above the app uses a flash message to display if the answer is correct or incorrect before going on the the next trivia question.

mFlatiron Trivia App — front end render

Lastly, lets take a look at the views folder, specifically the form created to generate the front-end for the user experience. Above is another code snip it, we can see that thru the use of of ERB(Embedded RuBy) this app is able to generate the template needed to show the user a random question and then in turn have the user provide a response to the question by choosing what they believe may be the right answer. With that response thru persistence again this app is able to decide if the answer is given is correct(in this specific app thru the seed file) and store it a session and display it on the screen. This will allow for each new question that is generated to keep track of how many answers have been correctly answered. Seeing the above code snip its can really help you visualize how useful persistence can be in your own applications and how storing information rather it be encrypted or not can be indispensable.