Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

Stank0V01's avatar

New session per subdomain!

Hello im tryna make one auth session per domain! So here is more details.

I want to make something like that:

https://ultranetwork.buycraft.net http://ownagepe.buycraft.net/

All of that sites have own session and when loggin in in one of it in another site you must loggin in again. So here is my routes

<?php

/*
|--------------------------------------------------------------------------
| Web Routes
|--------------------------------------------------------------------------
|
| Here is where you can register web routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| contains the "web" middleware group. Now create something great!
|
*/

Route::group(['domain' => env('PLAIN_URL')], function () {
    Route::get('/', 'HomeController@index')->name('home');
    Route::post('/gdpr', 'HomeController@gdpr');
    Auth::routes();

// Main site cart
    Route::group(['prefix' => 'cart'], function () {
        Route::post('/checkout', 'CartController@page')->name('checkout');
        Route::get('/success', 'CartController@success')->name('purchaseSuccess');
        Route::get('/failed', 'CartController@failed')->name('purchaseFailed');
        Route::put('/proccess', 'CartController@proccess')->name('purchase');
        Route::get('/check', 'CartController@check')->name('check');
    });

});

// Shop things content
Route::group(['domain' => '{slug}.' . env('PLAIN_URL'), 'middleware' => 'ShopExist'], function () {
    Route::get('/', 'Shop\HomeController@page');
    Route::get('/language/{lang}', 'Shop\LanguageController@changeLang');
    Route::get('/currency/{currency}', 'Shop\CurrencyController@change');
    Route::get('/category/{category}', 'Shop\CategoryController@page');

    Route::group(['prefix' => 'auth'], function () {
        Route::get('/login','Shop\AuthController@page')->middleware('guest');
        Route::get('/logout','Shop\AuthController@logout')->middleware('auth');
        Route::post('/login','Shop\AuthController@create')->middleware('guest');
    });

});

My Session.php config

<?php

return [


    'driver' => env('SESSION_DRIVER', 'database'),


    'lifetime' => env('SESSION_LIFETIME', 120),

    'expire_on_close' => true,


    'encrypt' => true,


    'files' => storage_path('framework/sessions'),


    'connection' => null,


    'table' => 'sessions',


    'store' => null,


    'lottery' => [2, 100],


    'cookie' => 'myshopmcsession',


    'path' => '/',


    'domain' => env('PLAIN_URL'),


    'secure' => env('SESSION_SECURE_COOKIE', false),


    'http_only' => true,


    'same_site' => null,

];

So when you loggin in in one site to not log you in another!

0 likes
1 reply
hollyit's avatar
hollyit
7 years ago
Best Answer
Level 8

Set domain to null. If no domain is sent in the set-cookie header, then the browser will only save it for the exact domain of the document location, and exclude any subdomains. You can read about the domain portion here

Please or to participate in this conversation.