Share User Login between multiple Phoenix Applications

Phoenix Forum Questions / Help
1

So I basically have two applications running, one at login.host.com and the other at app1.host.com. Now when a user signs in at login.host.com I want that application to create the auth cookie and redirect the user to app1.host.com, which can simply open the auth cookie. Now I set the domain (e.g. “.host.com”), salt and encryption key in Plug.Session (endpoint.exs) to the same values for the login app and app1. In config.exs I set the secret_key_base to the same value for both and set the url to [host: “host.org”] and [host: “login.host.org”] respectively. In the nginx proxy, I set “proxy_cookie_domain my_appX host.org;” for both, where my_appX is just the local (“upstream”) application name for nginx, i.e. my_app1 and my_app2. If I check the response cookie in firefox after logging in, it shows a different value for both applications as well. Any help is greatly appreciated!

Best wishes,
Jimmy

1 Like
2

Hello @jimmy,
Cookies (also sessions) are generally specific for domain and browser. That means cookies for a single browser from a domain is always different from another domain.
So if you intention is to have a shared cookies for both the domains, this wouldn’t be impossible.
You could check out token based authentication, to use the token as a shared configuration when sending requests between domains.
I hope this may help.
Dev

1 Like
3

Maybe you can look into making login.host.com an OAuth provider, not exactly what you want but you might be able to make it work.

1 Like