Answer the question
In order to leave comments, you need to log in
There are two php REST applications (gives json) and a monolith (gives ready-made html), how to make a single authorization?
That is, when logging into one, the second does not ask for a username and password.
There are two applications
1) REST uses tokens for authorization
2) monolith (server side rendering gives ready-made html) uses cookies and sessions for authorization
How to make a single authorization? if they are on the same server and subdomains of the same domain.
I suppose
Enable cookies for all subdomains.
For a REST application, enable sessions and read data from the session, the identifier of which is stored in the database. And write to the session so that the monolith can also see it.
If there are examples of implementations on Laravel, I will be grateful.
Answer the question
In order to leave comments, you need to log in
Use a single common client session ID on the server for one client.
And already bind various types of clients to it: a token in REST, html cookies / session, etc.
Also, you can unify everything by using only https-headers in both cases and pass the session ID through them.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question