I have a slightly odd need, and since I’m still somewhat new to Rails, I’d love your feedback.
My app has a set of public stuff, (which will live at www.mydomain.com), a set of admin pages (which will live at admin.mydomain.com), and the bulk of the app, which will live at
subdomain.mydomain.com, where “subdomain” is chosen by the user when they sign up for my service. For the users, they’ll be authenticated
against the combination of the subdomain and their supplied username and password - each subdomain has its own set of users which are not shared with other subdomains.
I’m trying to figure out how to set up my controllers and
authentication code to make all of this work. My tentative approach is to use the Request Routing plugin to set up specific routes for “www” and “admin” subdomains, routing them to special controllers with
special authentication strategies (none for www, separate user list for admin), then locking down all other controllers with a before_filter to validate against both subdomain and username/PW.
Is this the right approach, or can someone point me to a more
enlightened one?
- John