Here's the scenario:
I have a Rails app running on a single machine. The app for the sake of this discussion is a content management system and will be used to serve multiple sites in a network. It can be reached at app.com
. Users should be able to setup a custom domain for their site.
What I'm struggling with is how to maintain the session so that a user only has to sign into the network once. If they visit any site on the network, their session should be maintained. (Technically, the user is still on the same site just with a custom URL for the site their visiting.)
How do I maintain the session for the user across all sites on the app?
Based on what I've read about cookies, this is difficult b/c cookies cannot be shared between unique domains. What I'm looking for is help understanding the parts of the problem at play. I'm game to write Rack Middleware or add other tech in front of the app if that's what it takes. Eventually, I'd like to make it possible for each of these domains to use HTTPS, but let's start leave that out for now.