0

I have one rails app, running on Heroku, working behind two different domains. That works fine. I'd like to have Facebook authentication for both. That doesn't.

According to several different sources (stackoverflow, facebook help (well, most of the answers here)) there's no way to use the same FB API Key on two different domains. Also, there's no way to do it on your app config page.

What is a good way to do it? Devise is configured in the devise.rb initializer, shall I do a check there and have two different lines of this?

config.omniauth :facebook, "< key >", "< secret >", { :scope => '...', :strategy_class => OmniAuth::Strategies::Facebook }

But if I do that, how do I know the domain? Because I suppose request.host is not available in the scope of an initializer.

Community
  • 1
  • 1
Laszlo T
  • 1,165
  • 10
  • 22
  • 1
    _“What is a good way to do it?”_ – decide on one “main” domain, and handle login from there. Redirect the user back to the other domain afterwards. // It was also possible to use multiple domains, by configuring different platforms, such as website, canvas and/or page tab with different domains, and kind of “tricking the system” that way. But I don’t know if that still works, and it might not go over well in application review. – CBroe Sep 27 '15 at 21:12
  • Just to make sure I understand: devise-generated session cookies cannot be used on the other domain, so this solution would require some kind of customisation, catching the successful authentication and then giving the signal to the other domain that it's OK. Right? – Laszlo T Sep 27 '15 at 21:21
  • I am not sure if that will be easy to implement using OmniAuth; it might need some manual work/adaptions. – CBroe Sep 28 '15 at 07:36

0 Answers0