julianlam / nodebb-plugin-session-sharing

Allows login sessions from your app to persist in NodeBB
MIT License

Cross domain cookie question #69

Closed jremi closed 5 years ago

jremi commented 5 years ago

Hi Julian,

First I want to thank you for all of the great repositories. 👍

I installed nodebb-plugin-session-sharing on a nodebb 1.11.1 environment.

I did some basic configuration of the session plugin.

I created a JWT token and for testing I stored the cookie directly on the same domain as nodebb.

I was able to authenticate fine and the plugin works great.

So my question is related to cross-domain....

If I have an external app running on, let's say...

www.mycoolapp.com

And my nodebb is on ...

www.coolnodebbsite.com

Is there anything special I need to do for the session sharing to work with this cross-domain cookie?

My assumption:

  1. Store JWT cookie on www.mycoolapp.com
  2. Navigate to www.coolnodebbsite.com ....

It should log in, correct? Just looking for clarification.

Thank you.

julianlam commented 5 years ago

If your app and your NodeBB are on separate domains then there's no way for you to share a cookie. They'd have to be using the same domain at least, e.g. community.mycoolapp.com and app.mycoolapp.com, and the cookie would be saved under domain .mycoolapp.com

jremi commented 5 years ago

What if I store the JWT in browser local storage on the outside-domain app, and then when the nodebb on the other domain loads, it checks local storage to see if it finds a JWT? If it finds the JWT, it creates the cookie ....

What do you think about this approach? Just thinking out loud.

FYI - I believe standard browser local storage is also set to work only for the same domain... But I believe a solution like this might work:

https://github.com/zendesk/cross-storage

julianlam commented 5 years ago

Unless I am mistaken local storage is even more locked down than cookies.

jremi commented 5 years ago

@julianlam Yes, you are correct. Not sure if you saw the revised edit on my previous post... It appears there are some options now for cross-domain storage....

If it were possible using a cross-storage method, do you think that could be a potential option?

julianlam commented 5 years ago

Hacky, but no reason why it would not work. It wouldn't be something I'd support in this plugin though.
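What the "hacky" cross-storage route looks like when done carefully, as an added example (not the plugin's code and not the zendesk/cross-storage library itself): the message-handling logic of a postMessage "hub" page served from the app's origin that releases the session JWT only to an allow-listed origin, and the client logic on the NodeBB origin that validates where a reply came from before trusting it. Browser APIs are stood in for by plain functions and an in-memory Map so the exchange runs offline; the origins, function names (`makeHub`, `makeClient`) and the token value are constructed for illustration.

```javascript
// Added example: origin-checked postMessage storage bridge. Not the plugin's
// code. Origins, names and the sample token are assumptions.
const APP_ORIGIN = 'https://www.mycoolapp.com';        // serves the hub iframe
const FORUM_ORIGIN = 'https://www.coolnodebbsite.com';  // NodeBB, runs the client

// Hub: lives in an iframe on APP_ORIGIN. `storage` stands in for localStorage,
// `event` mirrors a MessageEvent ({ origin, data }). Returns the reply the hub
// would postMessage back, plus the targetOrigin it would pin, or null to ignore.
function makeHub(allowedOrigins, storage) {
  const allowed = new Set(allowedOrigins);
  return function onMessage(event) {
    // Exact-string origin comparison. A regex or startsWith check would let
    // "https://www.coolnodebbsite.com.evil.example" through.
    if (!allowed.has(event.origin)) return null;
    const msg = event.data;
    if (!msg || typeof msg !== 'object' || typeof msg.id !== 'string') return null;
    // Expose one operation only; a generic get/set-by-key API would turn the
    // hub into cross-origin read/write access to all of the app's storage.
    if (msg.method !== 'getSessionToken') {
      return { targetOrigin: event.origin, reply: { id: msg.id, error: 'unsupported method' } };
    }
    return { targetOrigin: event.origin, reply: { id: msg.id, token: storage.get('token') || null } };
  };
}

// Client: lives on FORUM_ORIGIN. Builds the request it would post to the hub
// frame (targetOrigin pinned to the hub, never "*") and checks the reply's
// origin and request id before handing the token on.
function makeClient(hubOrigin) {
  let counter = 0;
  const pending = new Set();
  return {
    request() {
      const id = `req-${++counter}`;
      pending.add(id);
      return { targetOrigin: hubOrigin, data: { id, method: 'getSessionToken' } };
    },
    onReply(event) {
      if (event.origin !== hubOrigin) return null;   // spoofed or unrelated frame
      const { id, token, error } = event.data || {};
      if (!pending.delete(id)) return null;          // unknown or replayed id
      if (error || typeof token !== 'string') return null;
      return token;
    },
  };
}

// Worked exchange with a constructed in-memory store in place of localStorage.
function demo() {
  const storage = new Map([['token', 'eyJhbGciOiJIUzI1NiJ9.example.signature']]);
  const hub = makeHub([FORUM_ORIGIN], storage);
  const client = makeClient(APP_ORIGIN);

  // 1. Legitimate flow: NodeBB page asks, hub answers, client accepts the token.
  const req = client.request();
  const hubOut = hub({ origin: FORUM_ORIGIN, data: req.data });
  const token = client.onReply({ origin: APP_ORIGIN, data: hubOut.reply });

  // 2. A page on another origin embeds the hub and asks: silently ignored.
  const attackerOut = hub({ origin: 'https://evil.example', data: { id: 'x', method: 'getSessionToken' } });

  // 3. Another origin tries to inject a reply into the client: ignored, and the
  //    outstanding request id stays valid for the genuine hub reply.
  const req2 = client.request();
  const spoofed = client.onReply({ origin: 'https://evil.example', data: { id: req2.data.id, token: 'attacker-token' } });
  const genuine = client.onReply({ origin: APP_ORIGIN, data: hub({ origin: FORUM_ORIGIN, data: req2.data }).reply });

  return { token, attackerOut, spoofed, genuine, requestTarget: req.targetOrigin, hubReplyTarget: hubOut.targetOrigin };
}

module.exports = { APP_ORIGIN, FORUM_ORIGIN, makeHub, makeClient, demo };
```

In a browser the hub wires `onMessage` to `window.addEventListener('message', e => { const out = onMessage(e); if (out) e.source.postMessage(out.reply, out.targetOrigin); })` and the client sends `iframe.contentWindow.postMessage(req.data, req.targetOrigin)`; the NodeBB page then still has to turn the returned JWT into the cookie the plugin reads, which means that cookie is set from script and cannot be HttpOnly. Two caveats a deployment should weigh: the hub is only as safe as its allow-list, and current browsers partition or block third-party storage in iframes, so a hub reading the app's localStorage from inside a frame on the forum's origin may simply see nothing.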