Open jonphipps opened 11 years ago
You mean that a redirect from foo.myapp.com
needs to end up on www.myapp.com
because that's what the callback URL would be set to globally? For that, I would probably just pass an extra ?account=foo
parameter and use that to reconstruct the info to redirect back to foo.myapp.com
.
Another option might be to set session_domain = top
in conf/config.php
so the cookies are set to .myapp.com
and should be maintained across subdomains, in which case you could set a session variable before redirecting and read that to know where to redirect to.
In trying to implement social logins, specifically GitHub, I need to register a callback URL. This registered callback URL specifically needs to have the same domain as the redirect URL, so a call from
foo.myapp.com/user/login/github?redirect=/mypage
must be able to handle a response to and fromwww.myapp.com
or some other global subdomain, and ultimately result in the user being logged in and redirected tofoo.myapp.com/mypage
.What's the best way to implement this? Initially the customer is known based on the subdomain, but this is lost in the normal session-state because the domain switching loses the session. We can do a fresh customer lookup after successful login and rebuild the redirect URL, but I just want to make sure that's the best thing to do, especially since this won't work if a user can be a member of multiple customers.