如何使用 Rails 将设备登录信息传递到不同的应用程序中 [英] How to pass devise sign_in information into different application with rails

查看:16
本文介绍了如何使用 Rails 将设备登录信息传递到不同的应用程序中的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我有 3 个应用程序需要使用 SSO、https 和设计的组合进行身份验证.我想弄清楚的是如何在一个 Rails 应用程序上执行登录,并让相关信息(cookie、会话等)沿链向下传递,以便外部 Web 浏览器可以查看信息.

I have 3 applications which need to talk to each other using a combination of SSO, https and devise for authentication. What I'm trying to figure out is how to perform a sign in on one rails application and have the relevant (cookies, sessions, whatever) passed down the chain so that an external web browser can view the information.

这是三个应用程序的流程.

Here is the flow of the 3 applications.

  • 第一个应用程序是一个 WEB 门户.它发送一堆与 sso(单点登录)相关的字符串到 api.
  • 第二个 API_APP 应用程序验证信息并通过它放在一个 Rails 应用程序上.
  • 此 RAILS_APP 应用程序验证api的信息并使用devise的用户登录sign_in_and_redirect"辅助方法

现在是棘手的部分.如何将信息从 RAILS_APP 沿链传递回 WEB_PORTAL,以便它可以查看门户网站可以查看已登录的用户帐户?

Now heres the tricky part. How do I pass the information from RAILS_APP back along the chain to the WEB_PORTAL so that it can view the web portal can view the signed in users account?

更多信息:

我承认架构不太理想,但不幸的是目前无法更改.WEB_PORTAL 实现不是那么重要,但我认为 API_APP 需要一些工作.

I admit the architecture is less than ideal but unfortunately it cannot be changed at this time. The WEB_PORTAL implementation is not so important but I think the API_APP is going to need some work.

API_APP 将信息格式化成这样的网络 http 请求

API_APP formats the information into a net http request like so

uri = URI.parse(MY_RAILS_APP_URI)
http = Net::HTTP.new(uri.host, uri.port)
request = Net::HTTP::Post.new(uri.request_uri, initheader = {'Content-Type' =>'application/json'})
request.body = {"email" => email, "id" => id, "email" => email, "timestamp" => timestamp, "token" => token}.to_json
response = http.request(request)
location = response.header['location'] #if the RAILS_APP returns a 302

对如何让 WEB_PORTAL 登录有任何想法吗?

Any thoughts on how to get the WEB_PORTAL signed in?

推荐答案

通过将 cookie 设置为包含所有子域,我解决了类似的问题.我不知道这对你来说是否可行.我让 foo.example.com 与 bar.example 和 www.example.com 共享 cookie 信息.我相信可能也适用于您的情况.

I've had a similar problem fixed by having my cookies set to include all subdomains. I don't know if that is possible for you. I had foo.example.com sharing cookie information with bar.example and www.example.com. Might also work in your case I believe.

这篇关于如何使用 Rails 将设备登录信息传递到不同的应用程序中的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆