Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Integrate django and RoR (ruby on rails)

Tags:

ruby-on-rails

django

integration

I have a website built by someone else with ruby-on-rails, and I'm now building a django application.

I need my users to sign in with my sign-in page built on django and surf my django pages (so far - easy to do) but I also need to add links on the sidebar to that RoR application (and from there they will be able to come back to my app).

The users shouldn't know that they are "leaving" the django app - for them its one website - that RoR app looks and feels the same for them.

A. How can I do this?
B. They sign in with the django app so the sessions and all user stuff will be managed by django. How can I "pass" sessions to the RoR app? Should I use iframe??
C. How do the links in django to the RoR url look like?

Thank you guys!

like image 601
reakh Avatar asked Aug 19 '11 12:08

reakh

1 Answers

The best practice here would be to look to how advertising networks share state across multiple properties. One commonly used method is a tracking pixel. For example, in your Django app, embed:

<img src="http://myrailsapp/mysession_creator" />

Make sure that your rails app responds at that address with a session. That will establish a session cookie on the rails domain.

Now to layer on security, and it depends on what level of security you need. You could pass in information, like: 

<img src="http://myrailsapp/mysession_creator?user=myUserName" />

Obviously not incredibly secure, but it depends on your app. A more secure method would be:

<img src="http://myrailsapp/mysession_creator?t=<MD5HashTokenHere>" />

Then the Rails app would have a mechanism of validating that token against the Django app server side (either through database state or a server side application call.) More work, but more secure.

Another method, if your applications share a root domain, you can use a secure cookie on the root domain to pass information between applications. For example, https://django.myapp.com sets a myapp.com cookie, and https://rails.myapp.com knows to look for a "username" cookie. Requires a wildcard SSL cert on the root domain.

Another option is to pass the token or login information with every link to the Rails app, and have a before_filter that recognizes the hand off and establishes the session in a similar way.

like image 188
Joshua Avatar answered Oct 13 '22 05:10

Joshua
Sign in to Comment

Related questions

Is it possible for Rails sessions to be created 'just in time'?
Detecting if this is an iframe load or direct
How to approach GROUP BY in PostgreSQL using Rails?
Rails 3 - has_many through with nested form
Reload Rails 3 initializer in development mode
Running Rails and PHP on Lighttpd on Linux
Omniauth: How to set authentication provider details at runtime
Ruby On Rails Hierarchical Relationship Modeling
Rails ActiveRecord serialize method doesn't work in test environment
Rails Devise routing error - "No route matches" (controller=>"devise/sessions")
Rails 2.3.11 DateTime BigDecimal Precision
java to rails - been there?
End-to-end testing a RESTful Web service (Rails)
I'm using Rails3 with tinymce. How to present user close browser javascript then input xss?
How to bind rvm with eclipse's settings
Where to Rake Task specific classes live? (Rails 3)
Pre-building view cache in Rails
How to render a remote file with rails
Heroku action caching doesn't seem to work
Rails application's port number in a rspec test

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!