I use ActiveRecord session storage and I have some questions regarding the use of this store.
I can easily create a model for accessing any session directly (from the console, and not as a controller or something else):
class Session < ActiveRecord::Base
end
Then I can access and decode the contents of the sessions, for example
Marshal.load(ActiveSupport::Base64.decode64(Session.first)
But I am curious why I can not find many other people who do such things? At least I would at least like to have work on deleting expired sessions, so the session table is not growing and not growing. I also store several fields in sessions that are important to the application logic. It is possible that at some point I can perform some maintenance task with logic based on decoded session data. Is such a repository a constructive taboo?
I hope that someone who has more experience working with the production rail app can hit some or all of these issues, or at least share how they use the sessions.
Thank.
edit: I just realized that the session data store is encoded by Base64 and is not encrypted in any way.