Menu
I need to redirect a user after successful auth to its own sub-domain like
company.test.com from test.com
The auth page opens on test.com and when I get response for successful auth I get the user's sub-domain name from the database. So company name xyz should redirect to xzy.test.com, That part is already done.
The issue is the session of the user. I am saving the authenticated user data into redux and when pages refreshes/redirects to the subdomain it loses the user data.
All I can think of is that I should pass the authenticated user id along with sub-domain like xyz.test.com/encrypted-user-id to a route and I will get that user id on the back-end and will decrypt it and will force user login without asking for password again.
My question is that... is there an alternate way? If no, Is this a feasible way to solve this
452
To share cookies across subdomains, you can simply create cookies with the domain directive set to the parent domain, in this case, example.com, rather than either of the specific subdomains.
A cookie is associated with a particular domain and scheme (such as http or https ), and may also be associated with subdomains if the Set-Cookie Domain attribute is set.
To share a cookie between domains, you will need two domains, for example myserver.com and slave.com . One of the domains will issue the cookies and the other domain will ask the first domain what cookie should be issued to the client.
As you may know, cookie can't be set in a different domain from another domain directly. If you're having multiple sites in where you need to set a cookie from a parent site, you can use basic HTML and JS to set the cookies. Google is using this same way.
Yes, there is an alternate, and more correct way to solve your question.
I'll try to answer in two parts: first enabling cookies between root- and sub-domains, and second how to do this in Laravel.
Make cookies available between root and sub-domains:
When receiving cookie headers, a browser can be instructed to share the cookie across subdomains. This is achieved by adding the domain to the Set-Cookie header.
Set-Cookie: user=JohnDoe; domain=testdomain.com
As of RFC-6265, the above syntax will tell the browser that cookies set on test.com should be made available to all subdomains (i.e. a.test.com, xyz.test.com). For a more detailed explanation see this answer here on SO.
Set cookies to be available on subdomains in Laravel:
According to Laravel responses documentation the cookie function accepts all arguments accepted by php's [setcookie][4] function (look at path and domain arguments).
As an example, for a one off you could write:
$path = '/'; // make cookie available on all paths
$domain = "test.com"; // according to rfc6265 make available on root and subdomains
return $response($content)->cookie($name, $value, $minutes, $path, $domain);
Another way, for sharing all cookies across the root and subdomains comes from JacobBennet's snippet. The suggestion there is to set the desired value of the domain variable in config/session.php. Then, all (!) cookies will be available to subdomains.
The frontend side (React) should not do anything particular, besides "redirecting".
192
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
