4 months ago
So our team is working on an auth service that stores session cookies on our subdomain. Preview environments are pretty impossible for us to test right now though, since we can't set subdomain cookies on .up.railway.app
Any suggestions? This is pretty frustrating since I'm not sure how we should be testing auth, or signing into our preview instances that are gated using it.
22 Replies
4 months ago
More context? You would want to test session cookies in a PR env?
Our auth service is hosted on railway as a fullstack app with tanstack start. It deploys with preview environments since it's needed to log in to our other apps.
I'm using Better Auth where I have a session cookie that normally exists on our application's dedicated subdomain. We have several applications that will be using the same subdomain.
I might be able to doubly set the cookie on both domains, but that really wouldn't be ideal. but because up.railway.app is listed under public suffixes, I cannot set cross domain cookies on it. (side note….I know it's not great to be setting cookies on such a public domain, but since they're throwaway test accounts we weren't really minding it)
4 months ago
We do that for staging
But! The ask really is for root domains for PR envs right?
4 months ago
You'd really want:
where the subdomain is arbirtrarily generated by Railway yea?
4 months ago
ofc, we have a separate domain for it and everything, but we hack around it
Yep, exactly! I upvoted it on the roadmap, but right now have just been struggling to find a good way around it without over-engineering for my preview envs
4 months ago
I regret to inform you that this isn't an easy lift
4 months ago
and the PR env networking is a codepath full of spider webs
I mean it works, and it's reliable but if you can prove to us that it's blocking some real $$$ its hard for me to get it reprioritized.
4 months ago
Wait- looked at your account
4 months ago
You are indeed Enterprise
4 months ago
Okay, lemme add this to your account notes, Rahul (your AE) will pull some strings to get us to think about this.
Totally understand! Networking certainly is not an easy problem to solve in general 😂
I appreciate it though! Honestly I am just struggling to think about how to get this to work reliably, was mostly hoping that potentially someone had run into a similar use case and solved for it
4 months ago
We may have some parallel threads, I think we would want us to move away from the CNAME flattening system we have, if we move from that- other things become significantly easier.
Honestly even having a custom subdomain string on the railway domain that's just for our org would be nice- something like:
pr-123.tonohealth.up.railway.app
but yeah, not sure how complicated that would be for y'all to implement 🙂 I will think on some workarounds, might need to just proxy some requests and forward my cookie headers for now
4 months ago
custom subdomain string
This is actually much easier
4 months ago
I will take it to the lab.
Hey! Just wanted to bump this because I'm curious- what can we look for in terms of turnaround time for something like this? Even if it's just an estimate of when you might get around to it
4 months ago
Ack. Not likely at all that we can pick this up this quarter; no spare cycles.
3 months ago
I appreciate it though! Honestly I am just struggling to think about how to get this to work reliably, was mostly hoping that potentially someone had run into a similar use case and solved for it
Definitely struggling with this too, here's what I settled on as a workaround:
Few lines of frontend code that check whether we're on
<pr-preview>.up.railway.appand redirect to<pr-preview>.custom.domainif yes
A Railway function that listens on
<pr-preview>.custom.domainand proxies back to<pr-preview>.up.railway.appDepending on your setup you might need something similar to 1. on your backend to rewrite CORS headers