Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
sharing a devise user session across subdomains within rails 4 and devise 3

sharing-a-devise-user-session-across-subdomains

two key words, sample cookie_store key and secret_key_base devise_secret_key

Rails.application.config.session_store :cookie_store, key: "vcooline_ikcrm#{Rails.env}_#{SESSION_DOMAIN.try(:underscore)}_session", :domain => :all, :expire_after => 86400*90, :tld_length => 2

You might get weird things like halfway Devise sessions sharing, but only allowing you to create and destroy the session on the root domain. Using :all works great if you’re using localhost, but when I started using lvh.me:3000 for testing I had those problems (lvh.me stands for local vhost me and is a domain that simply points to localhost which makes for zero-config subdomain development. It’s super handy.).

get 'crm_base_agent/', to: "crm_base_agent#index"
# get 'crm_base_agent', to: redirect {|path_params, req|
#   uri = URI CROSS_SITES[:crm_base][:host]
#   uri.path = req.query_parameters[:path] if req.query_parameters[:path].present?
#   uri.to_s
# }
@andreibondarev
Copy link

andreibondarev commented Mar 18, 2020

@jhjguxin Quick question-- doesn't specifying SESSION_DOMAIN in the key: actually restrict sessions to specific subdomains?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment