I have a rails app (v4.1.6 at the moment) that uses Devise. I have configured a subfolder to serve up WordPress for a blog. That is: http://my_app.com --> rails app http://my_app.com/blog --> wordpress That is all working great, but I also want the user to be logged in to wordpress when logged into the Rails app. I did this years ago by having the wordpress server send a request to the rails app using the browser's cookie. At some point (I forget, maybe Rails 3.1?), Rails got smart enough to figure out that the cookie wasn't coming from the browser and it invalidated the session. So, now I've got the same business need and am looking for a solution again. Is there a way to get Rails to not invalidate my session when I reuse the cookie from the server? I'd like to create a new action "/get_current_user" that I can call from wordpress. If I can relax the rails security for just that call, I think I can do the rest. (There's a plugin https://wordpress.org/plugins/rails-integration-api/ that looks like it would be perfect, except for the part that it is no longer maintained, doesn't work, and the developer's website is gone.) -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/CABceSpDVN_ZJgQ6CvrgSFbmG3nysuzHm5FDGmto2odQP11W9SA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.