Pass authentication between php and Ruby On Rails application

Question

I have a simple Ruby on rails application that I want to integrate with an existing php website. I only want that users who\'s been authenticated by the php application woul

Answer 1

The easiest way is to make use of cookies. In the PHP application, this cookie gets set, and the RoR application can read it's value.

But with cookies you'll have to watch out for security, because the contents of the cookie can be set manually, and cookies can also be copied, which allows for stealing another persons cookie.

Another option could be a session which is stored in a database both applications can make use of. The advantage of this option is that the contents of the session is stored on the server, and it can't be altered. The only thing you would have to handle is to identify the user belonging to the cookie.