Passport-local: Authentication on different subdomain
Hi Jared.
I would like to know if there is some way to move authentication form to a different subdomain.
When user tries to access restricted area he is redirected to auth. subdomain and asked to enter username, password. When done he is redirected back to where he wanted.
coder90
All 5 comments
Cookies can be configured to apply to subdomains if they are set on the root domain.
For example: a cookie set on google.com will apply to google.com, search.google.com, and maps.google.com.
See HTTP cookie - Domain and Path on wikipedia for more info.
For me, it seems that the path is / by default.
Cookies are handled by Express, check out the documentation on cookies.
You can set cookie defaults when you create the express session:
app.use(express.session({ secret: 'keyboard cat', cookie: { maxAge: 43200000 } }));
Hope that helps, cheers.
clayzermk1
on 17 Jan 2013
Setting the cookie domain via options passed to express.session did not work for me.
i.e.:
cookie: { maxAge: ONE_DAY, domain: '.mydomain.com' }
Login sessions are destroyed when navigating between apps on different subdomains.
Cannot Passport share login sessions across subdomains?
cailie
on 5 Apr 2013
Please see closing comment in referenced passport issue above.
cailie
on 7 Apr 2013
You can use: domain: ".app.localhost" and it will work. The 'domain' parameter needs 1 or more dots in the domain name for setting cookies. Then you can have sessions working across localhost subdomains such as: api.app.localhost:3000.
ruanosaur
on 27 Feb 2014
No, it doesn't help.
dangerden
on 12 Jun 2014
Related issues
ghost
路
3Comments
jcyh0120
路
3Comments
JonathanSum
路
11Comments
EvHaus
路
25Comments
jacargentina
路
7Comments
Most helpful comment
You can use:
domain: ".app.localhost"and it will work. The 'domain' parameter needs 1 or more dots in the domain name for setting cookies. Then you can have sessions working across localhost subdomains such as:api.app.localhost:3000.