什么是Rails 3 session_store域:所有真的吗? [英] What does Rails 3 session_store domain :all really do?
问题描述
更新问题以使其更清楚
我知道您可以将session_store的域设置为在子域之间共享会话: Rails.application.config.session_store:cookie_store,:key => '_my_key',:domain => Rails 3中的mydomain.com
I understand that you can set the domain of your session_store to share sessions between subdomains like this: Rails.application.config.session_store :cookie_store, :key => '_my_key', :domain => "mydomain.com"
,:domain => :all
do?它不能让您在顶级域之间共享会话,Cookie不能这样做。文档说它假设一个顶级域。
in Rails 3, what does the setting :domain => :all
do? It can't let you share sessions across top-level domains, cookies can't do that. The documentation says it assumes one top level domain. So what happens if multiple domains access your app?
在我的应用程式中,我的使用者可以建立一个主要网域的个人子网域,但也可以透过自己的网域存取该子网域自定义域。
In my app, my users can create personal subdomains of one main domain, but then can also access that subdomain via their own custom domain.
什么是正确的session_store域设置,以便我可以:
a)在我的主域的所有域中共享会话,例如mydomain.com
b)通过CNAME自定义网址(例如some.otherdomain.com)访问其个人子域(例如user1.mydomain.com)的用户仍可创建单独的会话。
What is the correct session_store domain setting so that I can: a) share sessions across all domains of my primary domain, eg "mydomain.com" b) users who access their personal subdomain eg "user1.mydomain.com" via a CNAME custom url like "some.otherdomain.com" can still create separate sessions.
感谢
推荐答案
确定,完成此操作的方法是动态设置会话cookie上的域。为了尽早做到这一点,它应该作为机架中间件:
OK, the way to accomplish this is to set the domain on the session cookie dynamically. To do this early enough it should be done as rack middleware:
# Custom Domain Cookie
#
# Set the cookie domain to the custom domain if it's present
class CustomDomainCookie
def initialize(app, default_domain)
@app = app
@default_domain = default_domain
end
def call(env)
host = env["HTTP_HOST"].split(':').first
env["rack.session.options"][:domain] = custom_domain?(host) ? ".#{host}" : "#{@default_domain}"
@app.call(env)
end
def custom_domain?(host)
host !~ /#{@default_domain.sub(/^\./, '')}/i
end
end
这篇关于什么是Rails 3 session_store域:所有真的吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!