## 📘 Session Management Example
 
 This cell defines a simple in-memory session store using a global Ruby Hash.
 Each session is identified by a unique UUID and stores key-value pairs.
 
#### Functions provided:
 - create_session: creates a new session and returns its ID.
 - set_session_data: sets a key-value pair for a given session.
 - get_session_data: retrieves a value for a given key from a session.
 - print_session: prints all key-value pairs stored in a session.
```
 Example usage at the bottom demonstrates:
 ✅ Creating a session.
 ✅ Setting data (`username` and `logged_in`).
 ✅ Retrieving `username` from session.
 ✅ Printing all session data.
```

In [1]:
require 'securerandom'

# Global hash to store sessions
$session_store = {}

def create_session
  session_id = SecureRandom.uuid
  $session_store[session_id] = {}
  puts "Session created: #{session_id}"
  session_id
end

def set_session_data(session_id, key, value)
  if $session_store[session_id]
    $session_store[session_id][key] = value
    puts "Set #{key} = #{value} in session #{session_id}"
  else
    puts "Session ID not found!"
  end
end

def get_session_data(session_id, key)
  if $session_store[session_id]
    $session_store[session_id][key]
  else
    puts "Session ID not found!"
    nil
  end
end

def print_session(session_id)
  if $session_store[session_id]
    puts "Data for session #{session_id}:"
    $session_store[session_id].each do |k, v|
      puts "  #{k}: #{v}"
    end
  else
    puts "Session ID not found!"
  end
end

# Example usage:
sid = create_session
set_session_data(sid, :username, 'alice')
set_session_data(sid, :logged_in, true)

puts "Username from session: #{get_session_data(sid, :username)}"
print_session(sid)



Session created: 51f33b28-717d-4937-b612-6982c91398a0
Set username = alice in session 51f33b28-717d-4937-b612-6982c91398a0
Set logged_in = true in session 51f33b28-717d-4937-b612-6982c91398a0
Username from session: alice
Data for session 51f33b28-717d-4937-b612-6982c91398a0:
  username: alice
  logged_in: true


{username: "alice", logged_in: true}

### Let me walk you through what this Ruby code is doing step-by-step:
#### 1. require 'securerandom'

    This loads Ruby's SecureRandom module, which provides methods to generate random numbers and strings securely.

    We use it here to create unique session IDs (UUIDs).

#### 2. $session_store = {}

    This is a global hash (dictionary) that stores all sessions.

    Each session ID (a string) maps to another hash holding that session's key-value data.

    Example structure:
```
{
  "550e8400-e29b-41d4-a716-446655440000" => { username: "alice", logged_in: true },
  "123e4567-e89b-12d3-a456-426614174000" => { username: "bob", logged_in: false }
}
```
#### 3. def create_session

    This method creates a new session:

        Generates a unique session ID using SecureRandom.uuid.

        Creates an empty hash for storing session data.

        Prints the session ID.

        Returns the session ID (so you can use it to set or get data later).

#### 4. def set_session_data(session_id, key, value)

    Given a session ID, a key, and a value, this method:

        Checks if the session exists.

        If yes, it stores the key-value pair inside that session's hash.

        Prints confirmation.

        If the session ID does not exist, it prints an error message.

#### 5. def get_session_data(session_id, key)

    Retrieves the value for the given key from the specified session.

    If session doesn't exist, it prints an error and returns nil.

#### 6. def print_session(session_id)

    Prints all key-value pairs stored inside the specified session.

    If session doesn't exist, prints an error.

#### 7. Example usage

sid = create_session

    Creates a new session, say sid = "550e8400-e29b-41d4-a716-446655440000".
```
set_session_data(sid, :username, 'alice')
set_session_data(sid, :logged_in, true)
```
    Sets two pieces of data inside that session:

        username = 'alice'

        logged_in = true

puts "Username from session: #{get_session_data(sid, :username)}"

    Retrieves and prints the username from the session: alice.

print_session(sid)

    Prints all data in the session:

Data for session 550e8400-e29b-41d4-a716-446655440000:
  username: alice
  logged_in: true

Summary

You’ve created a very basic session management system in Ruby that:

    Creates unique session IDs,

    Stores key-value session data in memory,

    Allows retrieval and display of session data,

    Handles errors gracefully if session IDs are invalid.

This mimics how web frameworks might store session data on the server side, using session IDs to identify clients.

```
In Rails, by default, the session is stored entirely in the client-side cookie, in an encrypted & signed format.
```


```
✅ This Jupyter notebook cell generates a valid, signed JWT, sends it to your Rails app at localhost:3000/login, and shows you what the server returns & what cookies it sets.
✅ You can paste the JWT + secret into jwt.io and see it decoded & verified.
✅ You can also inspect the browser cookies or session in Rails console to confirm.
```

```

The next cell:

Creates a valid, signed JWT for user alice with a secret.

Sends it to your Rails app /login.

Prints back the cookies your Rails app sends in response.

And lets you use jwt.io to inspect the JWT.
```

**Note**: Make sure your app is running at http://localhost:3000 before sending the request.

In [2]:
require 'net/http'
require 'uri'
require 'securerandom'
require 'jwt'   # make sure you have installed the gem: gem install jwt

# Config
username = 'alice'
secret   = 'my_super_secret_key'  # 🔐 Use this in jwt.io to verify

# Generate signed JWT
payload = {
  sub: SecureRandom.uuid,
  name: username,
  iat: Time.now.to_i
}

jwt_token = JWT.encode(payload, secret, 'HS256')

puts "Generated JWT (signed with secret):"
puts jwt_token
puts "-----"
puts "➡️  Enter this secret in jwt.io to verify: #{secret}"
puts "-----"

# Send POST to /login with username & token in form body
uri = URI("http://localhost:3000/login")

res = Net::HTTP.post_form(uri, {
  'username' => username,
  'token'    => jwt_token
})


puts "Set-Cookie header(s):"
Array(res.get_fields('set-cookie')).each do |cookie|
  puts cookie
end



Generated JWT (signed with secret):
eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJkN2RkZWRhNy0yOTI3LTQ4N2YtYjk5Ni1hN2ZhNjU4MmQzYTIiLCJuYW1lIjoiYWxpY2UiLCJpYXQiOjE3NTE4OTc1NDN9.SW1XSi4LSEWZSvCqta27EF8IzAnF5FttF4NfomAoOWo
-----
➡️  Enter this secret in jwt.io to verify: my_super_secret_key
-----
Set-Cookie header(s):
kc_access_token_plain=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJkN2RkZWRhNy0yOTI3LTQ4N2YtYjk5Ni1hN2ZhNjU4MmQzYTIiLCJuYW1lIjoiYWxpY2UiLCJpYXQiOjE3NTE4OTc1NDN9.SW1XSi4LSEWZSvCqta27EF8IzAnF5FttF4NfomAoOWo; path=/; httponly; samesite=lax
_session_demo_app_session=MzUIeZNhpaQZKbPVHfv2b93XQdPkTrC79PSCddJ%2BqiZGfockbV1nd%2FMcPq5IwkPR%2F%2FrOfhnLvPC5tHA5SWYWNTeV3h3XV5o57k3Hxj7v%2Bb3zqWT38Ou%2BeSvlv1PQOsRZIYwI4CTVt%2BRyP%2F2tdwzBb8S1gFuG7XUyncsnmmtgckv6vmJMkxrBE9D5zknc%2FULoE%2BhjOK834%2FmNc44fxX7ENYCR49T%2FTkT5Gh4NxR%2BlRGu2NgTvpXVaAmLLn6WQ75dIowPwQBM3mgbGPaUqUPhqCuvBQtlC9yHptCqy4jqqYeeg0ufvVkGXp7rT1vKCSsDEXP0DT4xfJbBhT9WcDpfEmuwTH4AafSy7wPmiBsjjAIoacFIIXgw9aKwSYR07i%2FNswDLQd713O%2Behx6E0S2mExmfBZnFKvJcZi

["kc_access_token_plain=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJkN2RkZWRhNy0yOTI3LTQ4N2YtYjk5Ni1hN2ZhNjU4MmQzYTIiLCJuYW1lIjoiYWxpY2UiLCJpYXQiOjE3NTE4OTc1NDN9.SW1XSi4LSEWZSvCqta27EF8IzAnF5FttF4NfomAoOWo; path=/; httponly; samesite=lax", "_session_demo_app_session=MzUIeZNhpaQZKbPVHfv2b93XQdPkTrC79PSCddJ%2BqiZGfockbV1nd%2FMcPq5IwkPR%2F%2FrOfhnLvPC5tHA5SWYWNTeV3h3XV5o57k3Hxj7v%2Bb3zqWT38Ou%2BeSvlv1PQOsRZIYwI4CTVt%2BRyP%2F2tdwzBb8S1gFuG7XUyncsnmmtgckv6vmJMkxrBE9D5zknc%2FULoE%2BhjOK834%2FmNc44fxX7ENYCR49T%2FTkT5Gh4NxR%2BlRGu2NgTvpXVaAmLLn6WQ75dIowPwQBM3mgbGPaUqUPhqCuvBQtlC9yHptCqy4jqqYeeg0ufvVkGXp7rT1vKCSsDEXP0DT4xfJbBhT9WcDpfEmuwTH4AafSy7wPmiBsjjAIoacFIIXgw9aKwSYR07i%2FNswDLQd713O%2Behx6E0S2mExmfBZnFKvJcZizZTd8EYUob2NUiVe2%2FU2qmp7U5c6w9qqLU9XmytocBcWRonfzzFXvHDSoBCwt4zC3hXoZvaNGvgldUciVjOpiHrVofYTxSu0hdsoHXCA%2BWnVrX%2BmH3YvlJR%2FHmCPb7DpOkMGWHydraVgo06ZZ567DP%2FYbKLDPhshg%3D%3D--foypTrXVoRIvTyCU--pwchX0lcpxqJ%2FHI6OKEqEg%3D%3D; path=/; httponly; samesite=lax"]

| Cookie name                 | Security level   | Accessible by JS?     |
| --------------------------- | ---------------- | --------------------- |
| `kc_access_token_plain`     | plaintext        | ❌ if `httponly: true` |
| `_session_demo_app_session` | signed+encrypted | ❌                     |


In [3]:
puts "That's it!"

That's it!
