
I'm not even sure that's the right question.

I set up ActionCable to open a websocket connection, and it works great on Heroku if it's just app-name.herokuapp.com. But when I try to use the custom domain set up for the app, the connection is not verified.

So, I'm trying to set a cookie on the client to be able to verify the user.

channels/application_cable/connection.rb

module ApplicationCable
  class Connection < ActionCable::Connection::Base
    identified_by :current_user

    def connect
      self.current_user = find_verified_user
      logger.add_tags 'ActionCable', current_user.email
    end

    protected

    def find_verified_user # this checks whether a user is authenticated with devise
      # find_by returns nil for an unknown id, so reject that case as well as a missing cookie
      verified_user = User.find_by(id: cookies.signed['user.id']) if cookies.signed['user.id']
      verified_user || reject_unauthorized_connection
    end
  end
end

On example.com, it keeps coming back as an unauthorized connection. But app-name.herokuapp.com is connecting fine.

initializers/warden_hooks.rb

Warden::Manager.after_set_user do |user,auth,opts|
  scope = opts[:scope]
  auth.cookies.signed["#{scope}.id"] = user.id
end

I try to allow calls from both herokuapp.com and example.com: environments/production.rb

Rails.application.configure do
  config.action_cable.url = 'wss://app-name.herokuapp.com//cable'
  config.action_cable.allowed_request_origins = [ 'https://www.example.com', /http:\/\/www.example.com.*/, 'https://app-name.herokuapp.com', /http:\/\/app-name.herokuapp.com.*/ ]
end

Why is it unverified on the custom domain? How can I set a cookie variable to verify it? What am I misunderstanding about this concept?

Thanks!

PS. Before someone tries to add this as an "answer" -- YES, I changed the names to example.com and app-name.herokuapp.com for this post, and NO, it doesn't actually say that in my code :)

gwalshington
Comment: Hi, did you get this resolved? I've a similar issue on Heroku whereby my cookies are being disregarded by the browser (on custom domain). I think possibly because the underlying host is running on herokuapp.com. – dduffy Jul 06 '20 at 18:41
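
Added example, not part of the original post or comment: a Ruby model of the RFC 6265 cookie scoping that applies to the WebSocket handshake when `config.action_cable.url` is fixed to app-name.herokuapp.com. `StoredCookie`, `store_cookie`, `sent_to?` and `handshake_cookies` are hypothetical helper names, and it assumes the `user.id` cookie was set while browsing the custom domain.

```ruby
require 'uri'

# Hypothetical model of a browser cookie jar entry (not Rails or Warden code).
StoredCookie = Struct.new(:name, :domain, :host_only)

# RFC 6265 section 5.1.3: hosts match when identical, or when the request
# host ends with "." + cookie domain (IP-address hosts are ignored here).
def domain_match?(host, domain)
  host = host.downcase
  host == domain || host.end_with?(".#{domain}")
end

# Store a cookie the way a browser does when `page_host` sends Set-Cookie.
# Without a Domain attribute the cookie is host-only. A Domain attribute
# that does not cover the setting host is refused (returns nil).
def store_cookie(name, page_host, domain_attr = nil)
  return StoredCookie.new(name, page_host.downcase, true) if domain_attr.nil?

  domain = domain_attr.downcase.sub(/\A\./, '')
  return nil unless domain_match?(page_host, domain)

  StoredCookie.new(name, domain, false)
end

# Would the browser attach this cookie to a request for `url`?
def sent_to?(cookie, url)
  host = URI.parse(url).host.downcase
  cookie.host_only ? host == cookie.domain : domain_match?(host, cookie.domain)
end

# Names of the cookies that reach Connection#connect for a given cable URL.
def handshake_cookies(jar, cable_url)
  jar.compact.select { |c| sent_to?(c, cable_url) }.map(&:name)
end

if __FILE__ == $PROGRAM_NAME
  # Constructed scenario: user signed in on the custom domain.
  jar = [store_cookie('user.id', 'www.example.com')]
  ['wss://app-name.herokuapp.com/cable', 'wss://www.example.com/cable'].each do |url|
    puts "#{url} -> #{handshake_cookies(jar, url).inspect}"
  end
end
```

With the cable URL on the herokuapp.com host, `cookies.signed['user.id']` is empty for sessions started on the custom domain, so the connection is rejected. Serving the cable endpoint from the same host as the page keeps the cookie in scope.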
