You’re not receiving notifications from this thread.
Sharing Cookies with Subdomains in Rails Discussion
Would it be possible for you to add subtitles in Portuguese or English? I am Brazilian, I can understand English subtitles. If you can in English it helps a lot.
Is there a strategy for sharing a login session between two different domains?
As I understand it, the episode covered sharing credentials between subdomains of the same domain. For example, foo.example.com & bar.example.com
Is there a way of sharing credentials between foo.com and bar.com ?
Would this work for authenticating from non Rails app on a subdomain? For example if we have a Rails app hosted at foo.com, and then a Next.js app on bar.foo.com, could the Rails app authenticate API requests coming from bar.foo.com using the session cookie?
So i'm using Devise for authentication and i've got everything working for signing up and signing in, but i need some help with signing out.
There's a 'home' controller and view that is the landing page for unauthenticated users at 'lvh.me:3000' and then there's a 'dashboards' controller and view that becomes the root path for a user who is signed in. They sign in, hit a before_action in my ApplicationController, get redirected to 'test.lvh.me:3000' where 'test' is the subdomain for the account, and see the dashboard page.
Here's my before_action to redirect once they're logged in:
def redirect_to_subdomain return unless user_signed_in? if request.subdomain.blank? if current_user.accounts.exists? redirect_to root_url(subdomain: current_user.accounts.first.subdomain) end else unless current_user.accounts.pluck(:subdomain).include?(request.subdomain) redirect_to root_url(subdomain: current_user.accounts.first.subdomain) end end end
When they sign out, I want them to have their session destroyed (obviously) and then have them sent back to 'lvh.me:3000'. Currently, they sign out, the session gets destroyed (i can see the button text change and the account name disappear from the nav), but the URL remains 'test.lvh.me:3000'. I see that Devise's default sign out path helper is:
def after_sign_out_path_for(resource_or_scope) scope = Devise::Mapping.find_scope!(resource_or_scope) router_name = Devise.mappings[scope].router_name context = router_name ? send(router_name) : self context.respond_to?(:root_path) ? context.root_path : "/" end
Is there some way to override this? My assumption here is that because Devise uses root_path instead of root_url, it's not taking the subdomain off of the route. Any thoughts on how to achieve what I want?
Aha! I fixed this by overriding this method in my ApplicationController with the following:
def after_sign_out_path_for(resource_or_scope) scope = Devise::Mapping.find_scope!(resource_or_scope) router_name = Devise.mappings[scope].router_name context = router_name ? send(router_name) : self context.respond_to?(:root_url) ? context.root_url(:host => request.domain) : "/" end
Note the root_url(:host => request.domain) piece. Apparently root_url(:subdomain => false) doesn't exist. Find more discussion here: https://github.com/rails/rails/issues/2025
Would this work in the reverse situation? Where the Rails app is on a subdomain and the primary domain is pointing to a frontend app?
Any tips how to make subdomains work with ActionCable?
I got an error on subdomains:
Refused to connect to '<URL>' because it violates the following Content Security Policy directive: "connect-src 'self'
Is there any way to share session information between subdomains when the session_store is set to :redis_session_store