Setup a third party node.js authentication server

Question

I have two separate applications (app1 and app2 based on MEAN stack) running on my server. I want to add a new application that manages the authentication for both applications. I mean if I try to log in from app1, it redirects me to a login form in auth application, and after login I come back to the previous url in app1. After that, if I go to app2, I'm still logged in.

I'm looking to implement something like similar to the google accounts/ServiceLogin: I can log in one time, and the session remains for almost all google products.

Something important is that I use subdomains for each app: app1.mydomain.com and app2.mydomain.com.

How can I do that using node and express?

Currently I use vhost to manage each subdomain.

Answer 1

You're looking for a single sign on solution.

I'm only familiar with one solution that Stormpath provides, which is called 'ID site'. It's basically a hosted authentication site that handles auth for you, then passes logged in users between your subdomains.

The way it works is like this:

• User visits www.yousite.com.
• User clicks 'login'.
• User is re-directed to login.yoursite.com.
• User then logs in.
• User is then redirected to dashboard.yoursite.com and is fully authenticated (SSO).

You can implement this quite easily using express-stormpath, here's the relevant docs: https://docs.stormpath.com/nodejs/express/product.html#use-hosted-login