faustinoaq changed the topic of #amber to: Welcome to Amber Framework community! | https://amberframework.org | Developer happiness, productivity and bare metal performance | GH: https://github.com/amberframework | Docs: https://docs.amberframework.org | Gitter: https://gitter.im/amberframework/amber | IRC Logger: https://irclog.whitequark.org/amber | Amber::Server.start
<FromGitter> <elorest> @alex-lairan for the sake of the example it adds random key value pairs to the session everytime it load which persist between api calls.
<FromGitter> <elorest> @drum445 I think in some cases people don't understand that a cookie is just a header value that gets sent back and forth, so they implement a limited subset of it themselves and try to solve all of the same problems over again. With Rails and Amber you already have a fully encrypted and signed session. Why add/create another library to do it with a different header name?
<FromGitter> <drum445> @elorest yeah exactly, what do you mean by encrypted session though? As in the session on disk/db is encrypted?
<FromGitter> <elorest> @drum445 Like Rails, Amber uses AES256CBC encryption to encrypted the session data into the cookie. This stop a client from being able to change the values or pull data they shouldn't from them.