Rails: one app with 2 domains - share authentication


Problem description

My site is at mydomain.com on Heroku with Devise authentication.

I bought a short url me.do that I also point to my same Heroku app.

When a user is signed in on mydomain.com I also need them to be signed in on me.do so when they go to me.do after signing in at mydomain.com they don't have to sign in again.

How can I share authentication sessions using Devise on both mydomain.com and me.do?

Recommended answer

There is no easy way to share authentication across domains, since the authentication usually is bound to cookies (sessions) which only bind to one domain and are not accessible across domains.

The only way you can manage to have something like this is to make sure you set cookies on both domains on login. You can do this via a redirect loop:


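  • Login request reaches domain1 (e.g. from the login form)
  • You set the session cookie for that domain
  • Then you redirect to domain2 and set the session cookie there
  • Then you redirect the user back to domain1 (to continue where he originally intended to go)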

To make sure this is not an endless loop, you have to add some parameters in the redirects to know how to handle the situation.

BUT if at all possible to avoid it, I would advise you not to implement this. It is really bad practice to have non-unique domains. Even allowing domains with www and without can lead to quite a bit of confusion for the user and a lot of headaches for the developer - in your case it will be even worse.

The sessions are not as useful as they would normally be. Setting additional cookies or session values does NOT work anymore (unless you do the loop every time again). And until the user actually uses the second domain his session there might even have expired (depending on how your authentication framework handles it). Those are just some of the issues you might run into.
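
The redirect parameter the answer mentions can be a signed, short-lived, single-use token, so the second domain can trust the handoff and the return URL cannot be abused as an open redirect. The sketch below is an added example, not part of the original answer and not Devise or Rails code; `HandoffTokens`, its methods, the 30-second lifetime and the in-memory nonce store are assumptions.

```ruby
require "openssl"
require "json"
require "securerandom"
require "uri"

# Added example: every name below is hypothetical, not a Devise or Rails API.
class HandoffTokens
  TTL = 30 # seconds a token stays valid (assumed value)
  RETURN_HOSTS = %w[mydomain.com me.do].freeze # the two domains from the question

  def initialize(secret)
    @secret = secret
    @used = {} # nonce => expiry; needs a shared store when several processes serve the app
  end

  # Domain 1, right after login: build the redirect parameter, or nil for a bad return URL.
  def issue(user_id, return_to, now: Time.now.to_i)
    return nil unless allowed_return?(return_to)
    data = { "uid" => user_id, "ret" => return_to, "exp" => now + TTL, "n" => SecureRandom.hex(16) }
    payload = JSON.generate(data).unpack1("H*") # hex keeps the value URL-safe
    "#{payload}.#{sign(payload)}"
  end

  # Domain 2: returns [user_id, return_to] once per token, nil for anything else.
  def redeem(token, now: Time.now.to_i)
    payload, mac = token.to_s.split(".", 2)
    return nil unless payload && mac && OpenSSL.secure_compare(mac, sign(payload))
    data = JSON.parse([payload].pack("H*"))
    return nil if data["exp"] < now || @used.key?(data["n"]) # expired or replayed
    @used[data["n"]] = data["exp"]
    [data["uid"], data["ret"]]
  rescue JSON::ParserError
    nil
  end

  private

  def sign(payload)
    OpenSSL::HMAC.hexdigest("SHA256", @secret, payload)
  end

  def allowed_return?(url)
    uri = URI.parse(url.to_s)
    uri.scheme == "https" && RETURN_HOSTS.include?(uri.host)
  rescue URI::InvalidURIError
    false
  end
end
```

Because each token is accepted only once, a request that arrives with an already redeemed token cannot restart the loop.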
