I set my cookies at root domain level ( lvh.me in dev) , accessible from
within each subdomain
w session store initializer :
Rails.application.config.session_store :active_record_store, :key =>
''_tests_session'', :domain => :all
( good for persisted facebook authentication when user login into a
different subdomain)
when a user login into a subdomain, I have
cookies[:login]
"{:user_id=>3, :subdomain_name=>\"coocoo\"}"
when the user logout , I should delete this cookie,
cookies.delete(:login, :host => Rails.configuration.host) if cookies[:login]
but it doesn''t delete it ... any clue ?
thanks for feedback
--
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To view this discussion on the web visit
https://groups.google.com/d/msg/rubyonrails-talk/-/I3DUIOVCJNUJ.
For more options, visit https://groups.google.com/groups/opt_out.
On Mon, Nov 12, 2012 at 11:47 AM, Erwin <yves_dufour-ee4meeAH724@public.gmane.org> wrote:> I set my cookies at root domain level ( lvh.me in dev) , accessible from > within each subdomain > w session store initializer : > Rails.application.config.session_store :active_record_store, :key => > ''_tests_session'', :domain => :allDid you try setting your domain to the actual domain? Rails.application.config.session_store :active_record_store, :key => ''_tests_session'', :domain => ''example.com''> when a user login into a subdomain, I have > cookies[:login] > "{:user_id=>3, :subdomain_name=>\"coocoo\"}" > > when the user logout , I should delete this cookie, > cookies.delete(:login, :host => Rails.configuration.host) if cookies[:login] > > but it doesn''t delete it ... any clue ?-- Greg Donald -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit https://groups.google.com/groups/opt_out.
It''s not useful in my case , as I am using FB & Google
authentification,
the callback can be set only to the main domain
using the :state parameter I can redirect to the calling subdomain on
FB/Google callback
but before the redirect I need to delete the previous session/cookies (
user may have been logged in an another subdomain or root domain)
setting :domain => :all , means that the cookies :host is/should_be
''.example.com''
and I should be able to delete it : ( as per Rails API)
cookies.delete(:login, :host => ''.example.com'') but
it''s not working
I am going to test another way : expiring the cookie,...
def remove_all_cookies(domain=nil)
unless domain.nil?
cookies.to_hash.each_pair { |k, v| cookies[k.to_sym] = { :value =>
'''', :path => ''/'', :domain => domain,
:expire => 1.day.ago } }
end
end
Le mardi 13 novembre 2012 05:24:02 UTC+1, Greg Donald a écrit
:>
> On Mon, Nov 12, 2012 at 11:47 AM, Erwin
<yves_...-ee4meeAH724@public.gmane.org <javascript:>>
> wrote:
> > I set my cookies at root domain level ( lvh.me in dev) , accessible
> from
> > within each subdomain
> > w session store initializer :
> > Rails.application.config.session_store :active_record_store, :key
=>
> > ''_tests_session'', :domain => :all
>
> Did you try setting your domain to the actual domain?
>
> Rails.application.config.session_store :active_record_store, :key =>
> ''_tests_session'', :domain =>
''example.com''
>
> > when a user login into a subdomain, I have
> > cookies[:login]
> > "{:user_id=>3, :subdomain_name=>\"coocoo\"}"
> >
> > when the user logout , I should delete this cookie,
> > cookies.delete(:login, :host => Rails.configuration.host) if
> cookies[:login]
> >
> > but it doesn''t delete it ... any clue ?
>
>
>
> --
> Greg Donald
>
--
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msg/rubyonrails-talk/-/L-aaEwIGO94J.
For more options, visit https://groups.google.com/groups/opt_out.
[SOLVED] the issue was not with cookies .. I had to change the way I
handle the session store w subdomain ... should not using domain => :all
I finally set in initializers/session_store.rb
Rails.application.config.session_store :active_record_store, :key =>
''_myapp_session'', :domain => {
production: ''myapp.com'',
development: ''lvh.me''}.fetch(Rails.env.to_param.to_sym,
:all)
so now I can set/delete the cookies[:login] according to user
authentication w FB/Google and originated subdomain ( parameter :state in
URL)
on signout, I have to delete the cookies[:login], on redirection I have to
check if the cookies[:login] is related to the subdomain else delete it...
great post and link about it :
Quoted- As it turns outs ''domain: all'' creates a cookie for
all the
different subdomains that are visited during that session (and it ensures
that they are passed around between request).
If no domain argument is passed, it means that a new cookie is created for
every different domain that is visited in the same session and the old one
gets discarded.
What I needed was a single cookie that is persistent throughout the
session, even when the domain changes. Hence, passing ''domain:
lvh.me''
solved the problem in development. This creates a single cookie that stays
there between different subdomains.
For anyone needing further explanation,
this is a great link:
http://excid3.com/blog/sharing-a-devise-user-session-across-subdomains-with-rails-3/
Le mardi 13 novembre 2012 07:46:37 UTC+1, Erwin a écrit
:>
> It''s not useful in my case , as I am using FB & Google
authentification,
> the callback can be set only to the main domain
> using the :state parameter I can redirect to the calling subdomain on
> FB/Google callback
> but before the redirect I need to delete the previous session/cookies (
> user may have been logged in an another subdomain or root domain)
>
> setting :domain => :all , means that the cookies :host is/should_be
''.
> example.com''
> and I should be able to delete it : ( as per Rails API)
>
> cookies.delete(:login, :host => ''.example.com'') but
it''s not working
>
> I am going to test another way : expiring the cookie,...
>
> def remove_all_cookies(domain=nil)
> unless domain.nil?
> cookies.to_hash.each_pair { |k, v| cookies[k.to_sym] = { :value
=>
> '''', :path => ''/'', :domain =>
domain, :expire => 1.day.ago } }
> end
> end
>
>
> Le mardi 13 novembre 2012 05:24:02 UTC+1, Greg Donald a écrit :
>>
>> On Mon, Nov 12, 2012 at 11:47 AM, Erwin
<yves_...-ee4meeAH724@public.gmane.org> wrote:
>> > I set my cookies at root domain level ( lvh.me in dev) ,
accessible
>> from
>> > within each subdomain
>> > w session store initializer :
>> > Rails.application.config.session_store :active_record_store, :key
=>
>> > ''_tests_session'', :domain => :all
>>
>> Did you try setting your domain to the actual domain?
>>
>> Rails.application.config.session_store :active_record_store, :key =>
>> ''_tests_session'', :domain =>
''example.com''
>>
>> > when a user login into a subdomain, I have
>> > cookies[:login]
>> > "{:user_id=>3,
:subdomain_name=>\"coocoo\"}"
>> >
>> > when the user logout , I should delete this cookie,
>> > cookies.delete(:login, :host => Rails.configuration.host) if
>> cookies[:login]
>> >
>> > but it doesn''t delete it ... any clue ?
>>
>>
>>
>> --
>> Greg Donald
>>
>
--
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msg/rubyonrails-talk/-/0U3ilTT8sI8J.
For more options, visit https://groups.google.com/groups/opt_out.