Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Share session (cookies) between subdomains in Rails?

Tags:

ruby-on-rails

session

devise

I have an app setup where each user belongs to a company, and that company has a subdomain (I am using basecamp style subdomains). The problem that I am facing is that rails is creating multiple cookies (one for lvh.me and another for subdomain.lvh.me) which is causing quite a few breaks in my application(such as flash messages being persistent though out all requests once signed in).

I have this in my /cofig/initilizers/session_store.rb file:

AppName::Application.config.session_store :cookie_store, key: '_application_devise_session', domain: :all

The domain: :all seems to be the standard answer I found on Google, but that doesn't seem to be working for me. Any help is appreciated!

like image 947
Wahaj Ali Avatar asked May 01 '12 19:05

Wahaj Ali

People also ask

Can you share cookies across subdomains?

If you want to share cookies across subdomains, but leave out other subdomains, you should explicitly state which subdomains you want to read them, setting a new cookie for each, rather than using wildcards.

Are subdomains first party cookies?

no cookie is treated as a 3rd party cookie. Seems to have worked, so ASP.NET session cookies on different subdomains still count as first party. A cookie set on a website that is loaded in an iframe of a different website is considered to be a third party cookie to the parent website.

What is Tld_length?

The tld_length parameter is used in splitting HOST into domain and subdomain components. Unfortunately, @@tld_length is used in other functions, so to be thread safe you would have to find and rewrite all those functions as well as provide thread-local storage.

1 Answers

As it turns outs 'domain: all' creates a cookie for all the different subdomains that are visited during that session (and it ensures that they are passed around between request). If no domain argument is passed, it means that a new cookie is created for every different domain that is visited in the same session and the old one gets discarded. What I needed was a single cookie that is persistent throughout the session, even when the domain changes. Hence, passing domain: "lvh.me" solved the problem in development. This creates a single cookie that stays there between different subdomains.

For anyone needing further explanation, this is a great link: http://excid3.com/blog/sharing-a-devise-user-session-across-subdomains-with-rails-3/

like image 69
Wahaj Ali Avatar answered Sep 22 '22 04:09

Wahaj Ali
Sign in to Comment

Related questions

undefined method `visit' when using RSpec and Capybara in rails
How to tell if rails is in production?
Rails keeps telling me that it's not currently installed
Mongodb: What to know before using? [closed]
How is spec/rails_helper.rb different from spec/spec_helper.rb? Do I need it?
What does force_ssl do in Rails?
Ruby on Rails - How do I render an action without the application layout?
Use YAML with variables
How to make a list of associative array in yaml
Which Ruby on Rails is compatible with which Ruby version?
Correct MySQL configuration for Ruby on Rails Database.yml file
Rails: Order with nulls last
What are the WordPress alternatives for Ruby on Rails? [closed]
warning: constant ::Fixnum is deprecated When generating new model
Speeding up RSpec tests in a large Rails application
How to store data in S3 and allow user access in a secure way with rails API / iOS client?
Using Rails link_to for links that post
Rails 3 Migration with longtext
How to run a .rb file from IRB?
Rails: link_to image tag. how to add class to a tag

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!