Sub-domain + cookie auth

Nash Kabbara's Avatar

Nash Kabbara

04 Jun, 2009 09:46 PM

Our app works a little similar to yours where each user account is identified by subdomain. So company one would log in at c1.ourdomain.com and company 2 at c2.ourdomain.com.

With this setup, how can I share our own's site auth with tender?

Thanks.

-Nash

  1. Support Staff 1 Posted by Courtenay on 04 Jun, 2009 10:08 PM

    Courtenay's Avatar

    Use the URL based form of authentication. It's in the Tender
    Multipass README ( http://github.com/entp/tender_multipass )

  2. 2 Posted by Nash Kabbara on 04 Jun, 2009 11:03 PM

    Nash Kabbara's Avatar

    Nice. OK, doing the URL method, is it possible to pass some custom attributes
    that will be inputted into the message so I may id which subaccount that came
    from?

    Thanks.

    -Nash

  3. Support Staff 3 Posted by Courtenay on 04 Jun, 2009 11:06 PM

    Courtenay's Avatar

    Yes. It works the same -- just that it's key/value in the url instead of
    cookies.

  4. 4 Posted by rick on 04 Jun, 2009 11:26 PM

    rick's Avatar

    No no, don't use that anymore. We're testing out a new multipass format that works with an encrypted json hash. http://github.com/entp/multipass/tree/master

    (assuming you're using ruby)

    class User
      def multipass
        MultiPass.encode(site_key, api_key, :email => email, :display_name => name, :expires => 30.minutes.from_now,
          :custom => 1, :custom_2 => 2)
      end
    end
    

    Your site key and api key can be found in your site settings.

  5. 5 Posted by Nash Kabbara on 04 Jun, 2009 11:42 PM

    Nash Kabbara's Avatar

    OK, will try that, but how does the url look like in this case?

    In our app, I have a help link. I'd like that link to bring our user into
    Tender already logged in. Is it possible without having to do the " Tender ->
    click "login" -> goes to your site -> returns to Tender with URL params" Trip.

    So "Our site -> goes to tender with encrypted json hash directly".

    Thanks.

    -Nash

    -Nash

  6. 6 Posted by Nash Kabbara on 04 Jun, 2009 11:42 PM

    Nash Kabbara's Avatar

    FYI, I'm using Ruby.

    Thanks!

    -Nash

  7. 7 Posted by rick on 04 Jun, 2009 11:48 PM

    rick's Avatar

    Ah yea, forgot about that. So, set your login URL in the Tender
    settings (for Lighthouse we have it set to
    http://my.lighthouseapp.com/login?to=http://help.lighthouseapp.com).
    When you click 'login' from tender, it sends the user to your app to
    log in. Once logged in, redirect them to the url, adding the sso
    parameter. So, the url should look something like
    'http://help.lighthouseapp.com?sso=asdfasdfasdf'. Alternately, you
    can just link to that from a support link your site.

  8. 8 Posted by Nash Kabbara on 04 Jun, 2009 11:53 PM

    Nash Kabbara's Avatar

    Nice, will try that right after dinner and let you know.

    Thanks.

    -Nash

  9. 9 Posted by Nash Kabbara on 05 Jun, 2009 12:00 AM

    Nash Kabbara's Avatar

    The only problem I see with setting Login Url in Tender is that each account
    has their own login at their subdomain. So there doesn't seem to be a way to
    link from Tender to my apps login. Unless I setup a page in which I ask the
    user for their host/user/pass combination.

    But coming in from my app to Tender, that seems like it would work.

    Will try it in a bit.

    Thanks.

    -Nash

  10. 10 Posted by rick on 05 Jun, 2009 12:02 AM

    rick's Avatar

    You'll want some kind of single url for all logins then, with
    subdomain/login/password fields. I'm not sure what else we can do on
    that front.

  11. 11 Posted by Nash Kabbara on 05 Jun, 2009 05:32 PM

    Nash Kabbara's Avatar

    Tried this last nigh and it worked great.

    Can I roll this into production or you suspect it's going to change?

    Also, another matter, is it possible to start a ticket in Tender and put the
    users email address in when I create a ticket relating to them? That way a
    ticket is started by me and they're notified? All conversation is tracked after
    that.

    If not, can I email them and CC tender so a new issue is started there and the
    conversation is tracked?

    Latter way is preferable for me personally.

    Thanks!

    -Nash

  12. 12 Posted by rick on 05 Jun, 2009 05:41 PM

    rick's Avatar

    No you can't do that yet. I really want to add it at some point when
    we finish up the stuff that's currently in QA. One thing I'm thinking
    about is starting a discussion for multiple customers, each in their
    own thread. Private matters are better discussed in individual
    therads, I think.

    You can email them and CC tender, but their reply won't go to Tender.

  13. 13 Posted by Jeff Haynie on 06 Jun, 2009 05:25 AM

    Jeff Haynie's Avatar

    We're trying to setup tender using external auth from our domain. Login seems to work great but we can't seem to ever get logout to work. We seem to be able to delete the cookies (tender_email, tender_expires, tender_hash) and then redirect but tender still shows the user logged in. Checking the cookies in Firefox (tried on safari too), they're gone. Is there anything else required to logout?

  14. 14 Posted by Nash Kabbara on 09 Jun, 2009 05:59 PM

    Nash Kabbara's Avatar

    Has anything changed regarding this?

    Suddenly I get this error message:
    The MultiPass token was not able to be decrypted.

    Thanks.

    -Nash

  15. 15 Posted by Nash Kabbara on 09 Jun, 2009 06:01 PM

    Nash Kabbara's Avatar

    FYI, I just tested this using the ourdomian.tenderapp.com and it works fine.
    But when I use our custom domain, it doesn't.

  16. 16 Posted by rick on 09 Jun, 2009 06:03 PM

    rick's Avatar

    Not sure, it works fine for me. Are you still passing the same values
    for site_key and api_key?

  17. 17 Posted by Nash Kabbara on 09 Jun, 2009 06:08 PM

    Nash Kabbara's Avatar

    Yeah, but the only change I made since it worked was use our custom domain
    instead of the one provided by tender.

    I switched it back and all is working.

    Should using our custom domain be a limitation?

    -Nash

  18. 18 Posted by rick on 09 Jun, 2009 06:09 PM

    rick's Avatar

    It works with a custom domain, but your MultiPass site key and api key
    don't change.

Discussions are closed to public comments.
If you need help with Tender please start a new discussion.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac