How can I share a local storage token across the same domain but a different host?

Question

Project 1: MVC App:

So I have a regular .Net Core MVC application that a user would land on when they navigate to myDomain.com which is hosted on port 3000. Here I am using regular controllers and razor views etc. Within this applicaton the user can login at which point a JWT token would be returned and stored in local storage. They will also be navigated to the user portal (hosted on port 3001). This MVC application will also contain the API controllers for my user portal

Project 2: SPA app (user portal):

The user portal is basically a seperate client SPA project using react that will be hosted on port 3001 having its own seperate node js server and making calls to the MVC project API on port 3000.

So my problem is how can I persist my login token across these two ports?? Is this even possible? Does this architecture even make sense? Any readings you can provide on this topic would be greatly appreciated.

Answer 1

Put a simple reverse proxy before your webservers. Then you can serve the two pages under the same domain:

myDomain.com/application1 --> reverse proxy to port 3000
myDomain.com/application2 --> reverse proxy to port 3001

or

app1.myDomain.com --> port 3000
app2.myDomain.com --> port 3001

You can setup reverse proxy in IIS or just use nginx.

Answer 2

I think what you need is a cross domain scenario for session storage. This article talks about a trick which you can use to share session storage using IFrame

https://jcubic.wordpress.com/2014/06/20/cross-domain-localstorage/

Hope this helps