How to share sessions between subdomains with Rails 2.3.8

I have found numerous posts that开发者_如何学Go describe how to do this. They all look something like putting this in the appropriate environment config file:

config.action_controller.session[:domain] = '.localhost'

However, if I do this then trying to sign in (I am using devise) fails with:

ActionController::InvalidAuthenticityToken

I see others posting the same problem (to the comments section of the various blogs offering the advice to set session[:domain]) but I haven't found a case where anybody has answered the question about why that is happening and how to fix it.

Any ideas?

I'm not sure if this is related to your problem, but are you trying to set the session domain to just '.localhost'? This won't work as it effectively a top-level domain that you are trying to set a cookie for.

See http://www.ruby-forum.com/topic/181650#794923

I have this snippet in config/initializers/set_session_domain.rb:

module ActionControllerExtensions
  def self.included(base)
    base::Dispatcher.send :include, DispatcherExtensions
  end

  module DispatcherExtensions
    def self.included(base)
      base.send :before_dispatch, :set_session_domain
    end

    def set_session_domain
      domain = @env['HTTP_HOST'].gsub(/:\d+$/, '').gsub(/^[^.]*/, '')
      @env['rack.session.options'].update :domain => domain
    end
  end
end

ActionController.send :include, ActionControllerExtensions

Everything works pretty nice.