RailsCasts Pro episodes are now free!
Learn more or hide this
GitHub User: newsinked
There is always a security concern when it comes to authenticating users. We'd better to stick with session over cookie when we store authenticated user details. Cookie is only suited for storing the remember me flag, but not for the authorization hash.