How to implement cross-domain authorization?

G

Gravio2019-10-16 17:59:15

OAuth

Gravio, 2019-10-16 17:59:15

Good afternoon, there is an application in vue js and a server in php laravel.
Now everything works like this: vue js -> sends a request to php -> returns a token -> save the token in localstorage
The problem is that the application has grown and we have moved one service to a separate subdomain. it turned out something like this:
the main vue js application (with a login form) sub.domain.com (the token is saved here) and another application sub2.domain.com, the question is, how to get a user token on the second domain?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

I

Ivan Shumov, 2019-10-16
@inoise

We select a separate Identity Server that monitors users. We read about all sorts of oidc, OAuth2 and the like. Each application is a separate service that knows nothing about the other. If the user is a guest, then he is sent to talk to IS, log in and come back with a token (all this under the hood with redirects or via Ajax)
Prefit. One user base, as many applications as you want