Does the package handle session cookies?

[justageek]

Hi, does this package handle switching domains in order to set session cookies for user authentication, since Laravel only uses a single domain by default from the env file?

[gecche]

Hi,

what do you mean exactly? To my knowledge, the browser handles automatically cookies keeping them separated depending upon the (sub)domain, tough I'm not an expert and I'm not completely sure.

If instead you meant the session cookie name in the session.php config file, the answer is yes:

'cookie' => env( 'SESSION_COOKIE', Str::slug(env('APP_NAME', 'laravel'), '_').'_session' ),

simply use a distinct APP_NAME in the domain envs or use another env value

Let me know If I did not understand correctly your question

Cheers

Giacomo

[justageek]

Thanks, I found the code where Laravel sets the session cookie, and it uses the value of the config named session.domain, and by default it is going to use the hard-coded domain name from the SESSION_DOMAIN variable in the .env file, so somehow you have to alter this value if a user is logging in at a different domain. So if my env file has the SESSION_DOMAIN set to domain1.com, but the user it logging in at domain2.com, the session is not going to work for that user.