I have a rails app that is a CMS that uses dynamic subdomains for each site. For some reason when I deployed to production the session cookie is not getting set. I'm thinking this is leading to the "Invalid Authenticity Token" errors that are being thrown everywhere.
I have my production.rb setup so that I can share sessions across subdomains. What could be going wrong that the cookie isn't being set at all?
#production.rb
config.action_controller.session[:domain] = '.domain.com'
#environment.rb
config.action_controller.session = {
:session_key => '_app_session',
:secret => '.... nums and chars .....'
}