Should I split these into two different apps?
You can, but it's not necessary. However, because your users will presumably be the same across the actual site and the business site, it'd be simpler to utilize a single app, rather than persisting the same users across two apps.
If they should be one app, how do I get the separate site to point to the subdomain and use SSL?
There's some fairly complex logic involved with accomplishing this, including making modifications to your hosts file, middleware, and routes. I've found this Ryan Bates tutorial to be very helpful in setting up my own multi-subdomain installations.
As far as SSL goes, you'll need to configure this both in your Rails app and on your production server. You're evidently working with Heroku, so you may benefit from reading Heroku's docs on setting up SSL on their end.
From a Rails perspective, a simpler ground-based approach towards enabling SSL may be to specify that all routes be SSL encrypted:
    MyApplication::Application.routes.draw do
      resources :sessions, :constraints => { :protocol => "https" }
    end
Alternatively, you can declare specific routes to be encrypted:
    MyApplication::Application.routes.draw do
      scope :constraints => { :protocol => "https" } do
        # All your SSL routes.
      end
    end
You can also look at force_ssl to protect controller access on an action-by-action basis.
Do I create a separate devise login system as well?
If you're running on a single app, then you can utilize a single Devise installation. This presumes, of course, that the users of your actual site will also be users of your business site.
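On the SSL part of the answer: Heroku's router terminates TLS and passes the original scheme to the app in the `X-Forwarded-Proto` header, so an HTTPS check for one subdomain has to read that header. The sketch below is an added example, not code from the original answer; the class name and the hostname `business.example.com` are placeholders, and it uses plain Rack-style env hashes with no Rails dependency.

```ruby
# Added example: Rack-style middleware that forces HTTPS for one configured host.
# "business.example.com" and the class name are placeholders (assumptions).
class SubdomainHttpsRedirect
  HSTS = "max-age=31536000"

  def initialize(app, host: "business.example.com")
    @app = app
    @host = host.downcase
  end

  def call(env)
    # Compare against the configured host only, so the redirect target
    # is never built from a client-supplied Host header.
    requested = env["HTTP_HOST"].to_s.downcase.sub(/:\d+\z/, "")
    return @app.call(env) unless requested == @host

    if https?(env)
      status, headers, body = @app.call(env)
      # Tell browsers to keep using HTTPS for this host.
      [status, headers.merge("Strict-Transport-Security" => HSTS), body]
    else
      location = "https://#{@host}#{env["PATH_INFO"]}"
      query = env["QUERY_STRING"].to_s
      location += "?#{query}" unless query.empty?
      # 301 for safe methods; 307 preserves the method and body for the rest.
      code = %w[GET HEAD].include?(env["REQUEST_METHOD"]) ? 301 : 307
      [code, { "Location" => location, "Content-Type" => "text/plain" }, ["Redirecting to HTTPS"]]
    end
  end

  private

  # X-Forwarded-Proto is only meaningful behind a proxy that sets it
  # (such as Heroku's router); rack.url_scheme covers direct TLS.
  def https?(env)
    forwarded = env["HTTP_X_FORWARDED_PROTO"].to_s.split(",").first.to_s.strip
    scheme = forwarded.empty? ? env["rack.url_scheme"].to_s : forwarded
    scheme == "https"
  end
end
```

Because the Devise session is shared across both sites in a single app, the session cookie should also be marked secure so it is never sent over the plain-HTTP side.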