Reputation: 172
I have 3 Laravel applications with 3 databases. Application 1 is the login for authentication (registrations and login) and is only connected to the users database.
Application 2 allows user to perform some basic operations and is connected both to user and App2 Databases
Application 3 allows users to perform some other operations different from application 2 and is connected to users and App3 Databases
Now my problem is to allow a user to log in once through any of the applications and be automatically logged in to the other applications
More like having a single google account that works in all apps.
Application 1 will be accessed through the main URL
www.kokoka.com
while others will be accessed through
health.kokoka.com
school.kokoka.com
I have tried https://github.com/awnali/SSO-laravel-5
I have also changed the Domain in session.php
'domain'=>'.domain.dev'
all to no avail
Upvotes: 1
Views: 5493
Reputation: 7923
You need to set the session file to database and everything related to sessions should be identical. Basically the session.php file should be the same between both, they should have a common database, and the key and cipher type should be identical.
If they have the same domain name (ex: server1.mydomain.com, server2.mydomain.com) but different hostnames/subdomain names, then the cookies should still work fine as long as you set the domain correctly (ex .mydomain.com). If they are on the same server, you can still use a common key-value system. If they are on separate servers, you either need a common storage location (like S3) or a replication enabled key-value system like Redis or Memcached. You could also use MySQL if you need to replicate other data types, but it's very heavy for just key-value pairs.
If they have completely different domains, then cookies will not work. In that instance, you would need to reference cross-site session ids through GET query strings, and perform session migrations in the back-end using either common or replicated systems, or via some secure API. This is a very difficult system to set up and only works if you are moving between the domains using links embedded in the sites. Bookmarks or manual address input will lose session data.
Another way to accomplish what you need is to use the new functionality of Laravel Passport.
Laravel already makes it easy to perform authentication via traditional login forms, but what about APIs? APIs typically use tokens to authenticate users and do not maintain session state between requests. Laravel makes API authentication a breeze using Laravel Passport, which provides a full OAuth2 server implementation for your Laravel application in a matter of minutes. Passport is built on top of the League OAuth2 server that is maintained by Alex Bilbie.
This will let you share data across multiple domains through an API so you can share the session and user information. This is the way most people prefer.
Upvotes: 5
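A shared config/session.php for the three kokoka.com applications, following the setup the answer above describes. This is an added example, not code from the question or the answer; the connection name `users` and the cookie name `kokoka_session` are assumptions.

```php
<?php
// config/session.php -- keep this file identical in all three applications.
// Assumptions (hypothetical names): every app defines a database connection
// called 'users' in config/database.php that points at the shared users
// database, and the sessions table was created there with the framework's
// session table migration.
//
// Laravel encrypts the session cookie with APP_KEY, so all three .env files
// must carry the same APP_KEY and config/app.php must use the same 'cipher'.
// Anyone who obtains that key can read and forge cookies for every app,
// so store and rotate it as one shared secret.

return [
    // Server-side session storage that all three apps can reach.
    'driver' => 'database',
    'connection' => 'users',   // assumed connection name
    'table' => 'sessions',

    'lifetime' => 120,
    'expire_on_close' => false,
    'encrypt' => false,
    'lottery' => [2, 100],

    // Same cookie name everywhere; otherwise each app looks for its own cookie.
    'cookie' => 'kokoka_session',   // assumed cookie name
    'path' => '/',

    // The leading dot scopes the cookie to www., health. and school.kokoka.com.
    // It is also sent to every other host under kokoka.com, so each subdomain
    // becomes part of the session's trust boundary.
    'domain' => '.kokoka.com',

    // Send the cookie over HTTPS only and keep it away from page scripts.
    'secure' => true,
    'http_only' => true,

    // Present in Laravel versions that have this option.
    'same_site' => 'lax',
];
```

Each application must also use the same guard name and resolve users from the same users table, because the logged-in user's id is stored in the session under a key derived from the guard.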