How does your middleware share cookies across multiple domains?
Here is the middleware:
Right before serving any request, it writes the same sessionid with CSRF token across multiple domains (pre-defined in an env var), so that you get logged-in once and for all.
ah, so it's for multiple subdomains under one domain. But in that case, I think it would have been sufficient to just set the cookie for the main domain (.DOMAIN.com) only. it should be accessible by all subdomains too
Yep subdomains (been edited, thx)... and no, it won't be enough 😁
I don't remember what was the problem I ran into after using the main domain trick (adding a dot).
We're a place where coders share, stay up-to-date and grow their careers.
We strive for transparency and don't collect excess data.