Log a user into their subdomain after registration with Rails and Devise

温柔的废话 2020-12-13 15:42

I'm using Devise for authentication in my Rails 3 app. The application uses PostgreSQL schemas and the Apartment gem to facilitate multi-tenancy.

Logging in and ou

2 answers
  • 2020-12-13 16:07

    You could use the domain: :all option in your config.session_store and add a before_action, as suggested by some in the comments.

    So you'll still have the code in config/initializers/session_store.rb or in config/application.rb:

    config.session_store :cookie_store, :key => '_domain_session', :domain => :all
    

    Then in your application_controller add the following code:

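    # app/controllers/application_controller.rb
    before_action :check_subdomain

    # Redirect when the requested subdomain is not the signed-in user's account subdomain.
    def check_subdomain
      # current_user is nil until someone signs in (e.g. on the login page).
      return unless user_signed_in?

      unless request.subdomain == current_user.account.subdomain
        redirect_to root_path, alert: "You are not authorized to access that subdomain."
      end
    end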
    
  • 2020-12-13 16:11

    Override the devise session controller.

    Create a file with the exact path app/controllers/devise/sessions_controller.rb

    Override the sessions_controller class in that controller. Paste in the code found at the link. https://github.com/plataformatec/devise/blob/master/app/controllers/devise/sessions_controller.rb

    class Devise::SessionsController < DeviseController
     # copy-paste the devise session controller below.
     ...
    end
    

    Edit the create action to suit your needs.

    def create
      self.resource = warden.authenticate!(auth_options)
      set_flash_message(:notice, :signed_in) if is_flashing_format?
      sign_in(resource_name, resource)
      yield resource if block_given?
      respond_with resource, :location => after_sign_in_path_for(resource)
    end
    

    I'm looking to see if I can figure out how exactly to make this work, but I know for sure that the result you want is attainable by overriding the devise session controller.

    EDIT

    If you are using cross-subdomain cookies, you could enforce the subdomain session with a before_filter. For example:

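    before_action do
      # current_user is nil until someone signs in, so only compare for signed-in users.
      if user_signed_in? && request.subdomain != current_user.subdomain
        redirect_to root_path, alert: 'That subdomain does not belong to you'
      end
    end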
    
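Added example, not part of either answer: with a session cookie scoped to the parent domain (what `domain: :all` asks for), the browser presents the same cookie to every tenant host, so the server-side subdomain comparison is the only thing separating tenants. This plain-Ruby sketch models both steps; the hosts, tenant names and helper functions are constructed for illustration, and `subdomain_of` only approximates Rails' `request.subdomain`.

```ruby
# Added example; hosts, tenant names and helper names are constructed.

# RFC 6265 domain-match: would a browser send a cookie with this Domain
# attribute to `host`? A host-only cookie (no Domain attribute) matches
# only the exact host that set it.
def cookie_sent_to?(cookie_domain, host, host_only: false)
  domain = cookie_domain.downcase.sub(/\A\./, '')
  host = host.downcase
  return host == domain if host_only
  host == domain || host.end_with?(".#{domain}")
end

# Subdomain part of a host, in the spirit of request.subdomain:
# everything left of the registrable domain (tld_length + 1 labels).
def subdomain_of(host, tld_length: 1)
  host.downcase.split('.')[0...-(tld_length + 1)].join('.')
end

# Outcome of the tenant check for one request.
# user_subdomain is nil when nobody is signed in.
def tenant_decision(host, user_subdomain, tld_length: 1)
  return :require_login if user_subdomain.nil?
  subdomain_of(host, tld_length: tld_length) == user_subdomain.downcase ? :allow : :deny
end

# Constructed requests: [host, subdomain of the signed-in user's account]
REQUESTS = [
  ['acme.example.com',   'acme'],
  ['globex.example.com', 'acme'],
  ['ACME.example.com',   'acme'],
  ['example.com',        'acme'],
  ['globex.example.com', nil]
].freeze

# For each request: is the shared cookie presented, and what does the check decide?
def evaluate(requests, cookie_domain: '.example.com')
  requests.map do |host, tenant|
    { host: host,
      cookie_sent: cookie_sent_to?(cookie_domain, host),
      decision: tenant_decision(host, tenant) }
  end
end

if __FILE__ == $PROGRAM_NAME
  evaluate(REQUESTS).each { |r| puts r.values.join("\t") }
end
```

Every row reports the cookie as sent, including the request to another tenant's host, which is the case the `before_action` in the answers has to reject.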