Ruby on Railsframework~10 mins

Remember me functionality in Ruby on Rails - Step-by-Step Execution

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Perf

Concept Flow - Remember me functionality

User logs in

↓

Check 'Remember me' box?

No→Create session only

Yes↓

Generate remember token

↓

Store token digest in DB

↓

Store token in cookie

↓

User closes browser

↓

User returns

↓

Check cookie token

↓

Match token with DB digest?

No→Ask to login

Yes↓

Log user in automatically

This flow shows how the app remembers a user by storing a token in a cookie and matching it with the database to keep the user logged in.

Execution Sample

Ruby on Rails

def remember(user)
  user.remember
  cookies.permanent.signed[:user_id] = user.id
  cookies.permanent[:remember_token] = user.remember_token
end

This code sets a permanent signed cookie with the user ID and a remember token cookie to keep the user logged in.

Execution Table

Step	Action	Token Generated	Cookie Set	DB Updated	Result
1	User logs in and checks 'Remember me'	No token yet	No cookies	No DB change	Waiting for token generation
2	Generate remember token	Token123abc	No cookies yet	No DB change	Token ready
3	Store token digest in DB	Token123abc	No cookies yet	Digest stored	DB updated with token digest
4	Set cookies with user_id and token	Token123abc	Cookies set with user_id and token	Digest stored	Cookies saved on browser
5	User closes browser	Token123abc	Cookies persist (permanent)	Digest stored	User session saved
6	User returns, app reads cookies	Token123abc	Cookies read	Digest stored	Token retrieved from cookie
7	Compare cookie token with DB digest	Token123abc	Cookies read	Digest stored	Tokens match
8	Log user in automatically	Token123abc	Cookies read	Digest stored	User logged in without password
9	If tokens did not match	Token123abc	Cookies read	Digest stored	User asked to login manually

💡 Execution stops after user is logged in automatically or asked to login if tokens don't match.

Variable Tracker

Variable	Start	After Step 2	After Step 3	After Step 4	After Step 6	Final
remember_token	nil	Token123abc	Token123abc	Token123abc	Token123abc	Token123abc
cookies[:user_id]	nil	nil	nil	user.id	user.id	user.id
cookies[:remember_token]	nil	nil	nil	Token123abc	Token123abc	Token123abc
DB remember_digest	nil	nil	Digest(Token123abc)	Digest(Token123abc)	Digest(Token123abc)	Digest(Token123abc)

Key Moments - 3 Insights

Why do we store a digest of the token in the database instead of the token itself?

What happens if the user clears cookies but the database still has the token digest?

Why do we use permanent cookies for 'Remember me'?

Visual Quiz - 3 Questions

Test your understanding

Look at the execution_table at step 4. What cookies are set in the user's browser?

AOnly remember_token cookie

BBoth user_id and remember_token cookies

COnly user_id cookie

DNo cookies are set yet

Concept Snapshot

Remember me functionality in Rails:
- Generate a secure token when user opts in
- Store token digest in DB, token in permanent cookie
- On return, compare cookie token with DB digest
- If match, log user in automatically
- Protects user convenience and security

Full Transcript

This visual execution trace shows how the 'Remember me' feature works in Rails. When a user logs in and checks 'Remember me', the app generates a secure token and stores its digest in the database. It sets permanent cookies with the user ID and token. When the user returns, the app reads the cookies and compares the token with the digest in the database. If they match, the user is logged in automatically without entering credentials again. If not, the user must log in manually. This process balances user convenience with security by storing only the token digest in the database and the actual token in the user's browser cookie.