My app (one instance) is accessible from two different domain name, let’s say a.com and b.com.
The app behaves different for each domain, like a different stylesheet. I have a plug that puts a domain assign on the conn which is used down the line. All this works just fine. However, the key name used to sign the cookie was the same for both domain names, which we did not want.
Today I managed to set the cookie key dynamically in a Plug. It feels kind of hacky, but it works. Here is how I solved it:
# The plug module
defmodule MyApp.Plug.Domain do
import Plug.Conn
def init(opts), do: opts
def call(conn, _) do
domain = decide_domain(conn)
session_opts = session_opts(domain)
conn
|> assign(:domain, domain)
|> put_private(:plug_session_opts, session_opts)
|> local_configure_session(session_opts)
end
defp decide_domain(conn) do
host = Map.get(conn, :host, "")
cond do
String.contains?(host, "a.dom") -> :domain_a
String.contains?(host, "b.com") -> :domain_b
end
end
defp local_configure_session(conn, session_opts) do
opts = Plug.Session.init(session_opts)
Plug.Session.call(conn, opts)
end
defp session_opts(domain) do
host = Application.get_env(:my_app, :host)
# SessionOpst is the basic default keyword list as you would expect
Keyword.merge(SessionOpts.get(), key: Slug.slugify("_#{domain}_key_#{host}"))
end
end
# early in the router
pipeline :browser_no_csp do
plug(:accepts, ["html", "json"])
plug(MyApp.Plug.Domain)
...
# In MyAppWeb.Endpoint
# SessionOpts is a basic opts list for the cookie session, with 'key: "default_key"' because `key` is required.
plug(Plug.Session, SessionOpts.get())
The problem now is that the LiveView socket options remain the default_key and are not overwritten by my plug, causing the page to be redirected all the time. I set the LiveView socket in my Endpoint module as well, like the Plug.Session but it isn’t overwritten.
Is this possible, or am I aproaching this the wrong way?
