Is it possible to set the cookie domain to something other than the current domain when a session is created with Authlogic?
When a new account is created from our signup domain, I’d like to redirect the user to their subdomain account and log the user in.
Current controller:
def create
@account = Account.new(params[:account])
if @account.save
@user_session = @account.user_sessions.create(@account.users.first)
# I'd like the cookie domain to be [@account.subdomain, APP_CONFIG[:domain]].join(".")
redirect_to admin_root_url(:host => [@account.subdomain, APP_CONFIG[:domain]].join("."))
else
render 'new'
end
end
If you do:
config.action_controller.session[:domain] = '.YOURDOMAIN.COM'in your production.rb file, that will allow you to have everyone logged in on all subdomains of your subdomain. If you then add a filter (or whatever, but I use a filter so I know that works) that checks that someone is actually using the right domain before you show controller stuff, it works pretty well.
As an example, you could store the appropriate subdomain for the session as a session variable and give people link options to their specific things if they were on your main domain or looking at a page on someone else’s subdomain.
This seems to be the general pattern for doing this sort of thing — if you set a cookie specific to the subdomain otherwise you won’t be able to tell when they’ve logged in to the main site. I also have a ‘
users_domain?‘ helper that ends up getting called occasionally in views when I do this.If you don’t want to have those sorts of common web design patterns, wesgarrion’s single use -> session creation on subdomain is also a way to go. I just thought I’d mention this as a design / interaction / code issue.