RAILS / DEVISE - setting a cookie to save in different subdomains

Question

RAILS / DEVISE - setting a cookie to save in different subdomains

I am using an authentication program and want the following to work:

The user is registered at [ http://mydomain.com] .
The user makes a payment on [ https://secure.mydomain.com]
User returns to [ http://mydomain.com/action] to continue using the system

I follow this guide: http://clearcove.ca/blog/2010/11/how-to-secure-a-rails-app-on-heroku-with-ssl-firesheep/

but I'm in the part where I need to get Devise to do what authlogic does here. Help!!;)

+9

ruby-on-rails devise

user531065 Jan 28 2018-11-11T00

source share

2 answers

Kelly · Answer 1 · 2011-03-21 17:56

Maybe I'm a little late for this, but for those looking to the future, this is a pretty simple solution. Add this to your environment configuration file:

Rails3App::Application.config.session_store :cookie_store, :key => '_rails3_app_session', :domain => :all # change "Rails3App" to the name of your rails app.

The important part of this is: domain =>: all, as it tells Rails to allow subdomains. Others suggested using: domain => ".mydomain.com", but: domain =>: everything does the job and does not require you to enter your domain name.

Note: if it does not work when you restart the server, you probably have a session_store.rb file in your initializer / folder that overrides it. Just change the line in this file or delete this file and move it to your configuration.

In addition, I had to specifically place the line in the production.rb file, because changing it in the session_store.rb file violated my development sessions (using the IP address).

Rin · Answer 2 · 2012-09-11 11:48

Application: if it still does not work, although you are sure to delete the old cookies, rename the cookie key - just to make sure. (After hours of troubleshooting, that was all I really needed to do to make it work.)

RAILS / DEVISE - setting a cookie to save in different subdomains

More articles: