Level 1
I set this question for myself on pause for a short time. But now when I got back to it this is a solution which I found suitable for myself (maybe that will help someone else):
- Token in database
- Cookies at the front
Mar 22, 2022
1
Level 1
User session between two Laravel apps
I have two Laravel apps:
- Interface (Laravel application which makes API requests to Core service and has no MySQL or any service connected to it)
- Core (Laravel application, without UI, implements all the logic based on a request from Interface)
Scenario:
- User visit /login page
- Fill out the form
- Request sent to Interface
- Interface sends all data to Core
- Core checks that User exists
- Response that all good
- User logged in and redirected to /home
Problem: I don't really understand in which direction should I move to save the session in Core (for example if I want that session automatically expires in 4 days). Also, what should I store on the user's side? Cookie? Then how to make cookies secure from Cookie Hijacking?
Please or to participate in this conversation.