rails 3.2 子域和设计

【问题标题】:rails 3.2 subdomains and deviserails 3.2 子域和设计
【发布时间】:2012-03-21 08:56:53
【问题描述】:

我有一个应用程序,用户可以在其中登录他们公司的子域。

我使用设计。这段代码将用户从根域重定向到子域。

def after_sign_in_path_for(resource_or_scope)
  scope = Devise::Mapping.find_scope!(resource_or_scope)
  subdomain_name = current_user.firm.subdomain
  if current_subdomain.nil?
    # logout of root domain and login by token to subdomain
    token =  Devise.friendly_token
    current_user.loginable_token = token
    current_user.save
    sign_out(current_user)
    flash[:notice] = nil
    home_path = valid_user_url(token, :subdomain => subdomain_name)
    return home_path
  else
    if subdomain_name != current_subdomain.name
      # user not part of current_subdomain
      sign_out(current_user)
      flash[:notice] = nil
      flash[:alert] = "Sorry, invalid user or password for subdomain"
    end
  end
  super
end

它在 chrome、firefox、opera 和 safari 中运行良好,但在 IE9 中无法运行。我没有收到任何错误消息。从日志中,我看到用户登录,当用户被重定向到主页时,他/她是未经授权的。有人知道发生了什么吗?形成日志。

Processing by SessionsController#create as HTML
Parameters: {"utf8"=>"✓",  
"authenticity_token"=>"JaffZi9f+Uyovuya8wR2u7LjG9w/3wdUDqTqONt/kFM=", 
"user"=>{"email
"=>"andreas@lizz.no", "password"=>"[FILTERED]", "remember_me"=>"0"}, 
"commit"=>"Sign in"}
User Load (0.0ms)  SELECT "users".* FROM "users" WHERE 
"users"."email" = ''whatever@atlatis.at' LIMIT 1
(0.0ms)  begin transaction
(1.0ms)  UPDATE "users" SET 
"last_sign_in_at" = '2012-03-02 20:46:06.658370', 
"current_sign_in_at" = '2012-03-
02 20:56:29.481286', "sign_in_count" = 41, 
"updated_at" = '2012-03-02 20:56:29.482286' WHERE "users"."id" = 1
[paperclip] Saving attachments.
(62.0ms)  commit transaction
Firm Load (0.0ms)  SELECT "firms".* FROM "firms" WHERE "firms"."id" = 1 LIMIT 1
Firm Load (0.0ms)  SELECT "firms".* FROM "firms" WHERE "firms"."subdomain" = 'den' LIMIT 1
CACHE (0.0ms)  SELECT "firms".* FROM "firms" WHERE "firms"."subdomain" = 'den' LIMIT 1
Redirected to http://den.lvh.me:3000/
Completed 302 Found in 182ms (ActiveRecord: 0.0ms)


Started GET "/" for 127.0.0.1 at 2012-03-02 21:56:29 +0100
Processing by PrivateController#statistics as HTML
Firm Load (0.0ms)  SELECT "firms".* FROM "firms" WHERE "firms"."subdomain" = 'den' LIMIT 1
Completed 401 Unauthorized in 2ms


Started GET "/users/sign_in" for 127.0.0.1 at 2012-03-02 21:56:29 +0100
Processing by SessionsController#new as HTML
Rendered devise/_links.erb (2.0ms)
Rendered devise/sessions/new.html.erb within layouts/registration (13.0ms)
Completed 200 OK in 27ms (Views: 26.0ms | ActiveRecord: 0.0ms)

【问题讨论】:

  • 你最终解决了这个问题吗?
  • 您设计的 cookie 域是什么? IE 可能缺少通配符 cookie?在这种情况下,本主题可能会对您有所帮助:link
  • @Kirk Nope 但我认为 HungryCoder 的链接看起来可以解决问题。暂时没时间测试
  • @AndreasLyngstad 谢谢。实际上,我想出了一个带有机架中间件的解决方案,并且对会话进行了一些处理。它工作得很好。如果您或这里的任何人需要帮助,请告诉我,我可以将解决方案发送给您

标签: ruby-on-rails internet-explorer devise subdomain


【解决方案1】:

如果您要跨越子域,最好将会话 cookie 更改为跨域。

在初始化程序中编辑 session-store.rb 文件可以做到这一点。

Babyreveal::Application.config.session_store :cookie_store,
key: '_babyreveal_session',
:domain => ".mybabyreveal.com"

注意 .域属性的前缀。这允许跨子域访问此 cookie,并且应用程序应跨子域维护它的会话。可能不是 100% 您正在寻找的东西,但它应该能让您朝着正确的方向前进。

【讨论】:

    猜你喜欢
    • 1970-01-01
    • 2013-02-14
    • 2013-08-19
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 2012-05-01
    • 2013-12-24
    相关资源
    最近更新 更多
    热门标签
    Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode