How to share session between Rails 4 applications?

Scenario

I have an application which loads few pages from another application in iframe(yeah! I know it is bad) sharing same domain. The main application saves some data in session which is used by the other application. Also, when a user is interacting within iframe UI, the session should not get timed out in the container application.

Assumptions

1. Both applications shares same domain
2. Both applications run on Ruby on Rails 4.2.x
3. One application handles authentication via Devise and shares session with other application
4. Session will be stored on memcached via AWS elasticache service
5. dalli and dalli-elasticache gems are configured in Gemfile. dalli-elasticache is a gem for AWS ElastiCache AutoDiscovery support for Memcached

Implementation

Make following changes in both applications:

• Set the same session cookie name and domain scope in session_store.rb

config/initializers/session_store.rb

• Set same secret base in secrets.yml

config/secrets.yml

• Use shared memcached client to share sessions

config/application.rb

And that’s it. You can now call other application pages in one application and share data through session.

Sample snippet showing how one application access pages of other application

At BoTree, we build web and mobile applications to add value to our client’s business. We align ourselves to ensure that our client benefits the most out of our engagement. Drop us a line to discuss how can we help take your business to the next level. Talk to us.