如何使用 Rails 跨多个域共享用户会话? [英] How can I share user sessions across multiple domains using Rails?

问题描述

有没有人知道任何让用户能够在一个域中登录网站并在同一会话中自动获得对其他合作伙伴域的访问权限的宝石、教程或解决方案?

Is anyone aware of any gems, tutorials, or solutions enabling a user to sign in to a website at one domain and automatically given access to other partner domains in the same session?

我有两个 Rails 应用在运行，我们称它们为 App-A 和 App-B.App-A 有一个与之关联的数据库，为 App-A.com 上的注册和登录提供支持.我现在想让所有拥有 App-A.com 帐户的用户都可以访问 App-B.com，而无需让他们重新注册或单独手动登录 App-B.com.

I have two rails apps running, let's call them App-A and App-B. App-A has a database associated with it, powering the registration and login at App-A.com. I'd now like to give all of those users with App-A.com accounts access to App-B.com, without making them reregister or manually login to App-B.com separately.

在此先感谢您的帮助！--马克

Thanks in advance for any help! --Mark

推荐答案

您可以在两个应用中设置相同的 session_key.在 appA environment.rb 中更改 session_key，像这样

You can set the same session_key in both apps. In appA environment.rb change the session_key, like this

Rails::Initializer.run do |config|
   ...  
 config.action_controller.session = {
   :session_key => '_portal_session',
   :secret      => '72bf006c18d459acf51836d2aea01e0afd0388f860fe4b07a9a57dedd25c631749ba9b65083a85af38bd539cc810e81f559e76d6426c5e77b6064f42e14f7415'
  }
  ...
end

在 AppB 中做同样的事情.(记住使用完全相同的秘密)

Do the same in AppB. (remember to use the very same secret)

现在您已共享会话.假设您使用 restfull_authentication，它设置了一个名为 user_id 的会话变量.当您在 appA 中进行身份验证时，它会在会话中设置 user_id.现在，在 appB 中，您只需验证会话中是否存在 user_id.

Now you have shared sessions. Let's say you use restfull_authentication, wich sets a session variable called user_id. When you authenticate in appA it sets the user_id in the session. Now, in appB you just have to verify if user_id exists in the session.

这是整体架构，你可以用这个想法详细说明.

This is the overall schema, you can elaborate more using this idea.

这篇关于如何使用 Rails 跨多个域共享用户会话?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！