Authentication question

I have a slightly odd need, and since I’m still somewhat new to Rails,
I’d love your feedback.

My app has a set of public stuff (which will live at
www.mydomain.com), a set of admin pages (which will live at
admin.mydomain.com), and the bulk of the app, which will live at
subdomain.mydomain.com, where “subdomain” is chosen by the user when
they sign up for my service. For the users, they’ll be authenticated
against the combination of the subdomain and their supplied username
and password - each subdomain has its own set of users which are not
shared with other subdomains.

I’m trying to figure out how to set up my controllers and
authentication code to make all of this work. My tentative approach is
to use the Request Routing plugin to set up specific routes for “www”
and “admin” subdomains, routing them to special controllers with
special authentication strategies (none for www, separate user list for
admin), then locking down all other controllers with a before_filter to
validate against both subdomain and username/PW.

Is this the right approach, or can someone point me to a more
enlightened one?

  • John
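
Added example, not part of the original post or of any plugin it mentions: a plain-Ruby sketch of the check the before_filter described above would perform, resolving the realm from the Host header and looking the user up only within that realm, so a valid login for one subdomain never authenticates on another. The tenant names (`acme`, `globex`), helper names, and sample credentials are constructed for illustration.

```ruby
require "openssl"

BASE_DOMAIN = "mydomain.com"                        # domain named in the post
RESERVED    = { "www" => :public, "admin" => :admin }.freeze

def hash_pw(password, salt)
  OpenSSL::PKCS5.pbkdf2_hmac(password, salt, 10_000, 32, OpenSSL::Digest.new("SHA256"))
end

def make_record(password, salt)
  { salt: salt, hash: hash_pw(password, salt) }
end

# Constructed sample data: "john" exists in two tenants with different passwords.
TENANT_USERS = {
  ["acme", "john"]   => make_record("acme-secret", "salt-a"),
  ["globex", "john"] => make_record("globex-secret", "salt-b")
}.freeze
ADMIN_USERS = { "root" => make_record("admin-secret", "salt-c") }.freeze
DUMMY       = make_record("unused", "salt-d")       # unknown users cost the same to check

# Map a Host header to [realm, label]; anything unexpected is rejected.
def realm_for(host)
  host   = host.to_s.downcase.sub(/:\d+\z/, "")     # drop an optional port
  suffix = ".#{BASE_DOMAIN}"
  return [:reject, nil] unless host.end_with?(suffix)
  label = host.delete_suffix(suffix)
  # Exactly one DNS label: no dots, so "a.b.mydomain.com" is refused.
  return [:reject, nil] unless label.match?(/\A[a-z0-9]([a-z0-9-]*[a-z0-9])?\z/)
  [RESERVED.fetch(label, :tenant), label]
end

def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Returns :public, :admin, the tenant label, or nil when access is denied.
def authenticate(host, username, password)
  realm, label = realm_for(host)
  return :public if realm == :public
  found = case realm
          when :admin  then ADMIN_USERS[username]            # separate admin list
          when :tenant then TENANT_USERS[[label, username]]  # lookup scoped to subdomain
          end
  rec = found || DUMMY
  ok  = secure_equal?(hash_pw(password.to_s, rec[:salt]), rec[:hash])
  return nil unless found && ok
  realm == :admin ? :admin : label
end
```

In a Rails controller the filter would pass `request.host` and the submitted credentials to `authenticate` and halt the request when it returns nil.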