Devise Not Working Well with Multiple Subdomains on Ror3 Application

Devise not working well with multiple subdomains on RoR3 application

According to this guy here: Rails: how can I share permanent cookies across multiple subdomains? You need to set the domain manually? Googling around it looks like '.domainname.com' with the dot at the beginning really is the way to go.

If you inherit from Devise::SessionsController you can manually set it on create

class SessionsController < Devise::SessionsController
  def create
    # modify the cookie here
    super
  end
end

I am setting up a working example to test that out, I'll post back afterwards, cheers!

And here is my Edit

Forget tempering with the token on create. The problematic is this, you need to have the token domain set to '.lvh.me' that's all there is to it, but domain: '.lvh.me' just doesn't do anything. Here is my proof of concept and ultimately it boiled down to a single change inside a controller:

class HomeController < ApplicationController
  def index
    cookies[:_cookietest_session] = {domain: '.lvh.me'}
  end
end

In Chrome the token would look like this

And that for subdomain.lvh.me, lvh.me and any other subdomain I tried. I can sign_in/sign_out from any and the session is created/destroyed accordingly.

Now I wouldn't advise doing it the way I did, I liked the middleware approach I think it would work just fine if setup properly. Let me know if you need further help on this.

Cheers!

Ok last thing

I went back and tried domain: :all because it really ought to work as you have expected. If I access lvh.me I get a cookie with .lvh.me but if I got to subdomain.lvh.me I get one that reads .subdomain.lvh.me

Rails: Using Devise Across Multiple Subdomains

Change the config/initializers/session_store.rb

Bdc::Application.config.session_store :cookie_store, key: '_bdc_session', domain: .lvh.me, tld_length: 2

Devise: Sharing sessions (user state) across subdomains

We use the following for our subdomains:

# config/initializers/session_store.rb
# Be sure to restart your server when you modify this file.

Rails.application.config.session_store :cookie_store, key: '_[[name]]_session', domain: :all # tld_length info here: http://stackoverflow.com/questions/10402777/share-session-cookies-between-subdomains-in-rails/15009883#15009883

You should try setting domain: :all and maybe removing tld_length from the hash

Rails 3.2.8 - Share Devise Sessions Across Subdomains with POW

Make sure you clear your cookies and restart the app.

Appname::Application.config.session_store :cookie_store, :key => '_appname_session', domain: ".appname.dev"

domain: ".appname.dev" is the correct format for the domain option. The beginning period is important.

Rails: how can I share permanent cookies across multiple subdomains?

You need to specify the domain using a more verbose cookie setting method:

cookies[:some_cookie] = {
  :value => "whatever",
  :domain => ".app_name.com",
  :expires => 1.year.from_now.utc
}

I haven't found a configuration setting to do this globally yet.

Rails 3 - Help! Subdomains - Users Cannot Logout?

Specify the Domain.

I had the exact same issue and the culprit was using :domain => :all.

You'd think that would be all you need but it seems to cause some problems so I had to manually specify the domain with a preceding dot (.), like so:

:domain => '.lvh.me'

This fixed the issue in development. You can use different ways to set this in your various environments but I landed on something like this:

Rails.application.config.session_store :cookie_store, 
  :key => '_bloggit_session',
  :domain => { production:  '.bloggit.com',
               staging:     '.bloggitstaging.com',
               development: '.lvh.me' }.fetch(Rails.env.to_sym)

---

Related Topics