Access rails session information by session id

Question

I'm using the default cookie based session store. Basically, I'm using heroku and I need to go from my app: http://test1.myapp.com over to heroku for one page: http://myapp.heroku.com/billing - so I need to access the session when I go to the heroku url. I'd like to access the session[:user_id] on the heroku page, but when is go to the heroku page a new the session is generated.

I was thinking I could pass the session_id on the main url in the querystring, but I don't know how to access it from the heroku url page.

I tried this:

session[params[:sid]][:user_id]  

but it's not working. Is it possible to access session information if you know the session id? Or is there another way to read session information from another url (but all in the same rails app)?

Thanks.

Answer 1

In order for that to work you will need to set up your domain in Heroku so that the Heroku app is running under the same TLD as the main app. To do that, add your domain to your billing app like so:

$ heroku domains:add billing.myapp.com

Make sure to follow Heroku's instructions to set up your DNS.

Your billing app will then live at http://billing.myapp.com/billing (on Heroku). That way the controller should be able to access the same session and cookies.

Be sure to set the session domain in environments/production.rb in both apps:

config.action_controller.session = { :domain => ".myapp.com" }

I should also mention that you might consider using some kind of shared authentication or token authentication between the apps, since cookies can potentially be hacked or otherwise compromised.