loading...

Discussion on: Have you ever felt completely helpless when facing down a coding problem?

Collapse
buhrmi profile image
Stefan Buhrmester

How does your middleware share cookies across multiple domains?

Thread Thread
yaser profile image
Yaser Al-Najjar

Here is the middleware:

github.com/coretabs/dorm-portal/bl...

Right before serving any request, it writes the same sessionid with CSRF token across multiple domains (pre-defined in an env var), so that you get logged-in once and for all.

  • We have multiple subdomains for this app, like: DOMAIN.com, admin.DOMAIN.com, api.DOMAIN.com
Thread Thread
buhrmi profile image
Stefan Buhrmester

ah, so it's for multiple subdomains under one domain. But in that case, I think it would have been sufficient to just set the cookie for the main domain (.DOMAIN.com) only. it should be accessible by all subdomains too

Thread Thread
yaser profile image
Yaser Al-Najjar

Yep subdomains (been edited, thx)... and no, it won't be enough 😁

I don't remember what was the problem I ran into after using the main domain trick (adding a dot).