re: Have you ever felt completely helpless when facing down a coding problem? VIEW POST

TOP OF THREAD FULL DISCUSSION
re: Just kidding... I had once to deal with cross domains cookies sharing. The idea was signing in multiple subdomain names at the same time (without...
 

How does your middleware share cookies across multiple domains?

Here is the middleware:

github.com/coretabs/dorm-portal/bl...

Right before serving any request, it writes the same sessionid with CSRF token across multiple domains (pre-defined in an env var), so that you get logged-in once and for all.

  • We have multiple subdomains for this app, like: DOMAIN.com, admin.DOMAIN.com, api.DOMAIN.com

ah, so it's for multiple subdomains under one domain. But in that case, I think it would have been sufficient to just set the cookie for the main domain (.DOMAIN.com) only. it should be accessible by all subdomains too

Yep subdomains (been edited, thx)... and no, it won't be enough 😁

I don't remember what was the problem I ran into after using the main domain trick (adding a dot).

code of conduct - report abuse