简体繁体 English

当Rails在同一域上存在会话时，如何在PHP中创建会话？

[英]How to create a session in PHP when there is a session on the same domain in Rails?

原文 2010-06-02 12:09:45 4 2 php/ ruby-on-rails/ session

I have a Rails app on a subdomain - xyz.domain.com, and a PHP app on another subdomain - abc.domain.com 我在一个子域xyz.domain.com上有一个Rails应用，在另一个子域abc.domain.com上有一个PHP应用

When a user is logged into the Rails app, I would like to give them a session so that I can log certain events about that user in the PHP app but in the same database of the Rails app. 当用户登录到Rails应用程序时，我想给他们一个会话，以便我可以在PHP应用程序中但在与Rails应用程序相同的数据库中记录有关该用户的某些事件。 I would essentially just expose an API that requires authentication. 我实质上只是公开需要身份验证的API。

What is the best way to go about this? 最好的方法是什么？ I am not storing the session in a database 我没有将会话存储在数据库中

UPDATE I should mention that the goal is to allow authenticated access from the PHP site to the database that has been only used by the Rails app thus far. 更新我应该提到，目标是允许从PHP站点到到目前为止仅由Rails应用程序使用的数据库的身份验证访问。 If a user is logged into the Rails app, I want to be able to track any events that occur on the PHP site and associate them with the user. 如果用户登录到Rails应用程序，我希望能够跟踪PHP站点上发生的任何事件并将它们与用户相关联。

2 个解决方案

I will reply, not knowing a lot about Rails. 我会回答，对Rails不太了解。

You can customize the cookie name in php.ini. 您可以在php.ini中自定义cookie名称。 Between the session name and the correct cookie domain you can create a cookie that will be shared by both applications. 在会话名称和正确的cookie域之间，您可以创建一个将由两个应用程序共享的cookie。

A "session" in PHP terms just implies a cookie whose value points to some set of saved data in the session store. PHP术语中的“会话”仅表示一个cookie，其值指向会话存储中的一组已保存数据。 For example, if PHP (using the default config) sees a cookie PHPSESSID=2b00042f7481c7b056c4b410d28f33cf , it will look for a session file like /tmp/sess_2b00042f7481c7b056c4b410d28f33cf . 例如，如果PHP（使用默认配置）看到一个cookie PHPSESSID=2b00042f7481c7b056c4b410d28f33cf ，它将查找类似于/tmp/sess_2b00042f7481c7b056c4b410d28f33cf的会话文件。 The file just contains the output of serialize($_SESSION) . 该文件仅包含serialize($_SESSION)的输出。

So, sharing the session will share this cookie value, but nothing else intrinsically. 因此，共享会话将共享此cookie值，但本质上没有其他共享。 You will have to decide how to share other values, if PHP is to insert log records. 如果PHP要插入日志记录，则必须决定如何共享其他值。 Some options: 一些选择：

If the PHP session is empty, query a URL in the Rails app that provides the logged-in username and other session details. 如果PHP会话为空，请在Rails应用程序中查询URL，该URL提供已登录的用户名和其他会话详细信息。 Make sure the URL is only accessible from localhost. 确保只能从本地主机访问该URL。
Equate sessions IDs to usernames/ids in the database so PHP can do a lookup. 将会话ID等同于数据库中的用户名/ ID，以便PHP可以进行查找。

i think session is not possible. 我认为会议是不可能的。 you can use database to store authentication if they can share same database between subdomain. 如果它们可以在子域之间共享同一数据库，则可以使用数据库存储身份验证。