rails 3.2子域和设计
我有一个应用程序,用户可以登录到他们的公司子域。
我用设计。 此代码将用户从根域重定向到子域。
def after_sign_in_path_for(resource_or_scope) scope = Devise::Mapping.find_scope!(resource_or_scope) subdomain_name = current_user.firm.subdomain if current_subdomain.nil? # logout of root domain and login by token to subdomain token = Devise.friendly_token current_user.loginable_token = token current_user.save sign_out(current_user) flash[:notice] = nil home_path = valid_user_url(token, :subdomain => subdomain_name) return home_path else if subdomain_name != current_subdomain.name # user not part of current_subdomain sign_out(current_user) flash[:notice] = nil flash[:alert] = "Sorry, invalid user or password for subdomain" end end super end 它在chrome,firefox,opera和safari中运行得非常好,但它在IE9中不起作用。 我没有收到任何错误消息。 从日志中我看到用户获得了sigend,当用户被重定向到主页时,他/她是未经授权的。 有谁知道发生了什么? 形成日志。
Processing by SessionsController#create as HTML Parameters: {"utf8"=>"✓", "authenticity_token"=>"JaffZi9f+Uyovuya8wR2u7LjG9w/3wdUDqTqONt/kFM=", "user"=>{"email "=>"andreas@lizz.no", "password"=>"[FILTERED]", "remember_me"=>"0"}, "commit"=>"Sign in"} User Load (0.0ms) SELECT "users".* FROM "users" WHERE "users"."email" = ''whatever@atlatis.at' LIMIT 1 (0.0ms) begin transaction (1.0ms) UPDATE "users" SET "last_sign_in_at" = '2012-03-02 20:46:06.658370', "current_sign_in_at" = '2012-03- 02 20:56:29.481286', "sign_in_count" = 41, "updated_at" = '2012-03-02 20:56:29.482286' WHERE "users"."id" = 1 [paperclip] Saving attachments. (62.0ms) commit transaction Firm Load (0.0ms) SELECT "firms".* FROM "firms" WHERE "firms"."id" = 1 LIMIT 1 Firm Load (0.0ms) SELECT "firms".* FROM "firms" WHERE "firms"."subdomain" = 'den' LIMIT 1 CACHE (0.0ms) SELECT "firms".* FROM "firms" WHERE "firms"."subdomain" = 'den' LIMIT 1 Redirected to http://den.lvh.me:3000/ Completed 302 Found in 182ms (ActiveRecord: 0.0ms) Started GET "/" for 127.0.0.1 at 2012-03-02 21:56:29 +0100 Processing by PrivateController#statistics as HTML Firm Load (0.0ms) SELECT "firms".* FROM "firms" WHERE "firms"."subdomain" = 'den' LIMIT 1 Completed 401 Unauthorized in 2ms Started GET "/users/sign_in" for 127.0.0.1 at 2012-03-02 21:56:29 +0100 Processing by SessionsController#new as HTML Rendered devise/_links.erb (2.0ms) Rendered devise/sessions/new.html.erb within layouts/registration (13.0ms) Completed 200 OK in 27ms (Views: 26.0ms | ActiveRecord: 0.0ms)
如果您跨越子域,最好只将会话cookie更改为跨域。
在初始化程序中编辑session-store.rb文件可以做到这一点。
Babyreveal::Application.config.session_store :cookie_store, key: '_babyreveal_session', :domain => ".mybabyreveal.com"
请注意。 域名attribtue上的前缀。 这允许跨子域访问此cookie,应用程序应该跨子域维护它的会话。 可能不是100%你想要的,但它应该让你朝着正确的方向前进。