All Rails witnesses should remember the times when one could declaratively control a controller's session. As a developer the reasoning behind the removal of this feature, with the introduction of lazy sessions, is understandable. Although as a framework user, especially if Rails advocates itself as being the easier approach to web development, I have my doubts.
The Ruby language is known to be preferring intuitive programming over various (architectural, performance) compromises and Rails at once seemed to be in a position of delivering the same promise. For me the removal of
session :offsomehow symbolically represents a starting point of a diversion from this very path. Now, don't take me wrong I highly appreciate Rails and it's community, but I guess it's getting harder to dive into for new comers with every major release since than.
But back to sessions, laziness is great, at the same time I do not think it's a reason for a useful piece of functionality, such as declaring when a session for an action should be available, to go away. How much easier it is for a developer to see an undefined method 'xxx' for nil:NilClass error than track down if a session cookie is being sent for a given action and particular parameters. Not to mention that it may even lead to "false authentication" if a REST API consumer uses a HTTP engine that handles cookies.
Therefore I decided it's worth a monkey patch and brought some love back :
Please remember that
sessionmight once again be
nil, but only in controllers (
request.sessionworks unchanged). Any controller code relying on
nil, such as
flash, might end with an error.