rails · skipkayhil · Feb 12, 2026
diff --git a/lib/active_record/session_store/session.rb b/lib/active_record/session_store/session.rb
@@ -22,40 +22,14 @@ def data_column_size_limit
           @data_column_size_limit ||= columns_hash[data_column_name].limit
         end
 
-        # Hook to set up sessid compatibility.
         def find_by_session_id(session_id)
-          SEMAPHORE.synchronize { setup_sessid_compatibility! }
-          find_by_session_id(session_id)
+          where(session_id: session_id).first
         end
 
         private
           def session_id_column
             'session_id'
           end
-
-          # Compatibility with tables using sessid instead of session_id.
-          def setup_sessid_compatibility!
-            # Reset column info since it may be stale.
-            reset_column_information
-            if columns_hash['sessid']
-              SessionStore.deprecator.warn <<~MSG
-                Using a session ID column other than `session_id` is deprecated without replacement. You should migrate your session table to use `session_id`.
-              MSG
-
-              def self.find_by_session_id(session_id)
-                find_by_sessid(session_id)
-              end
-
-              define_method(:session_id)  { sessid }
-              define_method(:session_id=) { |session_id| self.sessid = session_id }
-            else
-              class << self; remove_possible_method :find_by_session_id; end
-
-              def self.find_by_session_id(session_id)
-                where(session_id: session_id).first
-              end
-            end
-          end
       end
 
       def initialize(*)
@@ -82,17 +56,13 @@ def loaded?
       # on all existing sessions in the database. Users will not lose their session
       # when this is done.
       def secure!
-        session_id_column = if self.class.columns_hash['sessid']
-          :sessid
-        else
-          :session_id
-        end
-        raw_session_id = read_attribute(session_id_column)
+        raw_session_id = self.session_id
+
         if ActionDispatch::Session::ActiveRecordStore.private_session_id?(raw_session_id)
           # is already private, nothing to do
         else
           session_id_object = Rack::Session::SessionId.new(raw_session_id)
-          update_column(session_id_column, session_id_object.private_id)
+          update_column(:session_id, session_id_object.private_id)
         end
       end
 

diff --git a/test/session_test.rb b/test/session_test.rb
@@ -82,34 +82,6 @@ def test_hybrid_deserialization
         assert_equal s.data,Session.deserialize(sessions[0][Session.data_column_name])
       end
 
-      def test_find_by_sess_id_compat
-        # Force class reload, as we need to redo the meta-programming
-        ActiveRecord::SessionStore.send(:remove_const, :Session)
-        load 'active_record/session_store/session.rb'
-
-        Session.reset_column_information
-        klass = Class.new(Session) do
-          def self.session_id_column
-            'sessid'
-          end
-        end
-        klass.create_table!
-
-        assert klass.columns_hash['sessid'], 'sessid column exists'
-        session = klass.new(:data => 'hello')
-        session.sessid = "100"
-        session.save!
-
-        found = assert_deprecated(ActiveRecord::SessionStore.deprecator) do
-          klass.find_by_session_id("100")
-        end
-        assert_equal session, found
-        assert_equal session.sessid, found.session_id
-      ensure
-        klass.drop_table!
-        Session.reset_column_information
-      end
-
       def test_find_by_session_id
         Session.create_table!
         session_id = "10"
@@ -140,33 +112,6 @@ def test_session_can_be_secured
         assert_equal secured, session.reload.read_attribute(:session_id)
       end
 
-      def test_session_can_be_secured_with_sessid_compatibility
-       # Force class reload, as we need to redo the meta-programming
-        ActiveRecord::SessionStore.send(:remove_const, :Session)
-        load 'active_record/session_store/session.rb'
-
-        Session.reset_column_information
-        klass = Class.new(Session) do
-          def self.session_id_column
-            'sessid'
-          end
-        end
-        klass.create_table!
-        session_id = 'unsecure'
-        session = klass.create!(:data => 'world', :sessid => 'foo')
-        session.update_column(:sessid, session_id)
-
-        assert_equal 'unsecure', session.read_attribute(:sessid)
-
-        session.secure!
-
-        secured = Rack::Session::SessionId.new(session_id).private_id
-        assert_equal secured, session.reload.read_attribute(:sessid)
-      ensure
-        klass.drop_table!
-        Session.reset_column_information
-      end
-
       def test_secure_is_idempotent
         Session.create_table!
         session_id = 'unsecure'