Share session between subdomains? #108

Closed
manuelmeurer opened this Issue Jan 6, 2012 · 16 comments

Projects

None yet

8 participants

@manuelmeurer

Is it possible to share session data between subdomains?
I am trying to set a session cookie on domain.com and access it on sub.domain.com but it won't work.
I tried using the domain parameter, which is used in the :cookie_store, with the values .domain.com and :all but to no avail.

@sandrew

this code works for me:

Mainpeople::Application.configure do
  config.session_store :redis_store, redis_server: Settings.redis.url, domain: '.'+Settings.base_host.gsub(/:.*/, '')
end
@krzkrzkrz

Any updates on this?

@mulderp

This works for me for sharing sessions across Heroku domains:

use Rack::Session::Cookie, :key => 'rack.session', :secret => "123", :domain => ".herokuapp.com"

And In the other application the same line.

@krzkrzkrz

You are using rack.session instead of redis_store?

@jodosha
redis-store member

As I know, there was a bug in ActionPack, try with this: https://coderwall.com/p/9_ow7a

@krzkrzkrz

Hmmm, the patch does not support 3.2.11. I'll change:

s.add_dependency 'actionpack', '3.2.8

To:

s.add_dependency 'actionpack', '3.2.11

Hope it doesn't break anything

@krzkrzkrz

Update. Still the same issue. That patch doesn't solve anything...

@jodosha
redis-store member

Have you checked the diff between 3.2.8 to 3.2.11? Maybe that monkey-patch isn't valid anymore. I created it while working on a Rails 3.2.6 app at that time.

@krzkrzkrz

redis_store does not play well with :domain => :all or any other :domain settings...

I checked again with the traditional :cookie_store, :domain => :all works like a breeze. Wish redis_store could do that just as well

@sarmiena

Any news on this?

@sarmiena

@jodosha I think we just need to do this:

module Rack
  module Session
    class Redis < ActionDispatch::Session::AbstractStore
@sarmiena sarmiena added a commit to sarmiena/redis-store that referenced this issue Jan 22, 2013
@sarmiena sarmiena fixes #108 share between sessions in rails 3.2.11 a040a98
@ScotterC

The problem is that the options aren't getting pushed up to rack's cookie options because of how one would assume they should be set. Redis Rack takes the options here.

One would probably write the options like this:

{ :redis_server => {:namespace => 'test:rack:session', domain => '.lvh.me'}

It might look like calling super would push the options given up to rack's initialize method but it's not since they're contained within the redis_server key so rack ignores them.

If written like this however:

{ :redis_server => {:namespace => 'test:rack:session'}, :domain => '.lvh.me'})

The domain '.lvh.me' does get pushed up to Rack's options. Note: I'm using lvh.me because it was the quickest way to verify. When trying to use pow with a *.dev domain I couldn't seem to get the naming right and sessions would just fail completely.

Ultimately, there needs to be better documentation for how redis server and cookie options are set. I feel that half the pull requests right now are due to options not correctly getting applied and it takes a solid few hours for one to re-learn the redis-store codebase, understand what's happening and realize that it's just an undocumented configuration issue.

@jodosha
redis-store member

@ScotterC would you please open a PR with the fix? Appreciate it, thanks! 🎩

@ScotterC

@jodosha Sure. Do you feel that a documentation update is sufficent or simplifying how the options get passed to Rack vs Redis?

@jodosha jodosha closed this Aug 29, 2013
@Soliah

Should this be working in the latest version now that everything has been extracted out to separate gems? Because it doesn't seem to be working for me in redis-rails.

@ScotterC

@Soliah If you're using Rails, you can use my fork which I've had in production for the last year. It simply forces the inheritance of ActionDispatch so that the options are correct.

You can still use the rest of redis-store like this:

gem "redis-rails",                  '~> 4.0' 
gem "redis-rack",                   github: "ScotterC/redis-rack", branch: 'rails-cookie-options'
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment