Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Rails session_store multiple domains

I have a non-unique (other people must have solved this) issue around sessions.

The scenario is that I have 5 top level domains (domain_a, domain_b, domain_c, domain_d, domain_e), and multiple subdomains under each. My app is required to share sessions between subdomains in the same top level domain e.g sub_1.domain_b.com & sub2.domain_b.com can share, but sub_3.domain_c.com would be a different session. To make matters more complex, it would be ideal if domains a & b, and c & d where also to be able to share sessions.

So the rules:

  • domain_a shares session with domain_b, and with all the subdomains within them. Happy for this to be in a cookie_store

  • domain_c shares session with domain_d, and with all the subdomains within them. Happy for this to be in a cookie_store

  • domain_e only shares its session within its subdomains. This needs to be in an active_record_store

How can I make this work?

I've tried creating an initialiser with the below in:

MyApp::Application.config.session_store :cookie_store, :key => '_domain_a', :domain => '.domain_a.com'

MyApp::Application.config.session_store :cookie_store, :key => '_domain_b', :domain => '.domain_b.com'

MyApp::Application.config.session_store :cookie_store, :key => '_domain_c', :domain => '.domain_c.com'

MyApp::Application.config.session_store :cookie_store, :key => '_domain_d', :domain => '.domain_d.com'

MyApp::Application.config.session_store :active_record_store, :key => '_domain_e', :domain => '.domain_e.com'

However I am not sure that this is working. domain_e.com session works, which would make sense as it is the last declaration, any thoughts?

like image 496
ABrowne Avatar asked Sep 25 '12 13:09

ABrowne


1 Answers

See: What does Rails 3 session_store domain :all really do? The selected answer can probably help you to allow common sessions between subdomains and separate sessions between top level domains. To make the same session be valid in different top level domains, is much trickier, but perhaps this question could help you forward: Rails - Multiple top level domains and a single session/cookie

like image 91
Gnomet Avatar answered Oct 02 '22 06:10

Gnomet