I'm developing a Node.js web application in which I have multiple subdomains, like domain.com, sub1.domain.com, sub2.domain.com, etc.
If a user logs in to sub1.domain.com and gets redirected to domain.com or sub2.domain.com, they show as not logged in.
How can I maintain this session across subdomains and on the main domain?
I'm using Express, Node.js and MongoDB.
    app.use(session({
        secret: "secrete key",
        store: new MongoStore({
            db: "session-db"
        })
    }));
I tried setting it up like this, but it didn't work:
    app.use(session({
        secret: "secret key",
        cookie: { domain: '.yourdomain.com' }, // here I used '.localhost'
        store: new MongoStore({
            db: "session-db"
        })
    }));
What you're asking is not recommended, e.g. "Share cookie between subdomain and domain".
What you really want is Single Sign On (SSO).
There are two ways to do SSO in Node (that I'm aware of, there are probably other tools out there that I've never heard of):
I'm the author of the express-stormpath library, so I'm a bit biased, but in general, SSO stuff is actually quite complex, and there are a lot of potential issues implementing things incorrectly with it.
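How a browser scopes the session cookie with and without the `domain` option from the question, following the RFC 6265 domain-matching rules. This is an added example, not code from the original posts; it omits the public-suffix check that real browsers also apply, and `untrusted.sub2.domain.com`, `notdomain.com` and `other.example` are constructed host names.

```javascript
// Added example: RFC 6265 cookie scoping, reduced to the Domain attribute.
// Host names are the placeholders from the question plus constructed ones.

// RFC 6265 section 5.1.3: does `host` domain-match `domain`?
function domainMatch(host, domain) {
  host = host.toLowerCase();
  domain = domain.toLowerCase();
  if (host === domain) return true;
  // IP addresses only ever match exactly, never as a suffix.
  const isIp = /^\d{1,3}(\.\d{1,3}){3}$/.test(host) || host.includes(':');
  return !isIp && host.endsWith('.' + domain);
}

// RFC 6265 section 5.3 (Domain handling only): how a user agent stores a
// cookie set by `setByHost`. Returns null when the cookie is rejected.
function storeCookie(setByHost, domainAttr) {
  if (!domainAttr) {
    // No Domain attribute: host-only cookie, bound to the exact host.
    return { domain: setByHost.toLowerCase(), hostOnly: true };
  }
  const domain = domainAttr.replace(/^\./, '').toLowerCase(); // leading dot is ignored
  if (!domainMatch(setByHost, domain)) return null; // cannot set for a foreign domain
  return { domain, hostOnly: false };
}

// Would the stored cookie be attached to a request for `requestHost`?
function isSentTo(cookie, requestHost) {
  if (cookie === null) return false;
  return cookie.hostOnly
    ? requestHost.toLowerCase() === cookie.domain
    : domainMatch(requestHost, cookie.domain);
}

// Hosts that receive the session cookie under a given Domain setting.
function recipients(setByHost, domainAttr, hosts) {
  const cookie = storeCookie(setByHost, domainAttr);
  return hosts.filter((h) => isSentTo(cookie, h));
}

const hosts = ['domain.com', 'sub1.domain.com', 'sub2.domain.com',
               'untrusted.sub2.domain.com', 'notdomain.com'];
console.log('no Domain:     ', recipients('sub1.domain.com', undefined, hosts));
console.log('.domain.com:   ', recipients('sub1.domain.com', '.domain.com', hosts));
console.log('.other.example:', recipients('sub1.domain.com', '.other.example', hosts));
```

With `domain` set, the session identifier is sent to every host under the parent domain, so each of those hosts has to be trusted as much as the one that issued the session.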