Cookies are objects that we use to store some information of the user in the browser like geolocation of user . It is a set of key value pair. All cookies have time of expiry after which they are just deleted from the browser usually at the end of the browsing session. The most common use of cookie is storing the user session_id after login in a website. In rails we can get to the cookie using a special hash called cookie.

Example:

cookie[:country] = India #writing a cookie
cookie[:country] #=> India #reading a cookie
cookie.delete(:country) #deleting a cookie


setting expiration time for cookie.

cookies[:city] = { value: "Dehradun", expires: Time.now + 1.hour }

Signed cookie . This type of cookie is signed using the secret key of our application and cannot

be tampered by the user.

cookies.signed[:user_name] = admin

setting domain specific cookie.

cookies[:user_name] = {
  value: 'admin',
  expires: 1.year.from_now,
  domain: Findnerd.com'
}

Deleting domain specific cookie

cookies.delete(:name, domain: 'domain.com')

There are 4 cookie store used by rails:

ActionDispatch::Sessions::CookieStore (default and commonly used)
ActionDispatch::Sessions::ActiveRecordStore
ActionDispatch::Sessions::CacheStore
ActionDispatch::Sessions::MemCacheStore

The last two cookie store are not used for storing sensitive data. They store the data in unencrypted and unsigned form.