How to Use Cookies in Rails: Syntax and Examples

In Rails, you use the cookies hash to set, read, and delete cookies. To set a cookie, assign a value like cookies[:user_name] = "value". To read it, use cookies[:user_name], and to delete, use cookies.delete(:user_name).

Syntax

Rails provides a cookies hash to manage cookies easily. You can set a cookie by assigning a value to a key, read it by accessing the key, and delete it using the delete method.

  • Set cookie: cookies[:key] = "value"
  • Read cookie: cookies[:key]
  • Delete cookie: cookies.delete(:key)

You can also set options like expires to control cookie lifetime.

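```ruby
# Set a cookie
cookies[:user_name] = "Alice"
# Read a cookie (nil if not set)
user = cookies[:user_name]
# Delete a cookie
cookies.delete(:user_name)
# Set a cookie with options
cookies[:user_id] = { value: "123", expires: 1.hour.from_now }
```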

Example

This example shows how to set a cookie with an expiration, read it, and delete it in a Rails controller.

```ruby
class UsersController < ApplicationController
  # Sets a cookie that expires one hour from now
  def set_cookie
    cookies[:user_name] = { value: "Alice", expires: 1.hour.from_now }
    render plain: "Cookie set"
  end

  # Reads the cookie, falling back to a message when it is absent
  def show_cookie
    user = cookies[:user_name] || "No cookie found"
    render plain: "User cookie: #{user}"
  end

  # Removes the cookie from the browser
  def delete_cookie
    cookies.delete(:user_name)
    render plain: "Cookie deleted"
  end
end
```
Output

When visiting /set_cookie: Cookie set
When visiting /show_cookie: User cookie: Alice
After /delete_cookie and then /show_cookie: User cookie: No cookie found

Common Pitfalls

Common mistakes when using cookies in Rails include:

  • Not setting an expiration, causing session cookies that disappear when the browser closes.
  • Trying to store large or sensitive data in cookies (cookies should be small and not contain secrets).
  • Forgetting to delete cookies properly, leading to stale data.
  • Not considering cookie security options like secure (the cookie is sent only over HTTPS) and httponly (the cookie is not readable from JavaScript).

Always use cookies for small, non-sensitive data and consider using sessions or encrypted cookies for sensitive information.

```ruby
# Wrong way (no expiration, storing large data):
cookies[:data] = "a" * 5000

# Right way (small data with expiration):
# secure: sent only over HTTPS; httponly: not readable from JavaScript
cookies[:user_id] = { value: "123", expires: 1.hour.from_now, secure: true, httponly: true }
```

Quick Reference

| Action | Syntax | Description |
|---|---|---|
| Set cookie | cookies[:key] = "value" | Stores a cookie with default session expiration |
| Set cookie with options | cookies[:key] = { value: "value", expires: 1.hour.from_now } | Stores cookie with expiration time |
| Read cookie | cookies[:key] | Retrieves the cookie value or nil if not set |
| Delete cookie | cookies.delete(:key) | Removes the cookie from the browser |

Key Takeaways

  • Use the cookies hash to set, read, and delete cookies in Rails controllers.
  • Set cookie expiration to control how long cookies last; otherwise, they expire when the browser closes.
  • Avoid storing large or sensitive data directly in cookies; use sessions or encrypted cookies instead.
  • Use security options like secure and httponly to protect cookies.
  • Always delete cookies properly to avoid stale data.