Hi
So am totally new to laravel and tried reading and following some steps
First app uses JWT auth (and has API enabled), second built in AUTH
main folder and second in subfolder
Both have different users tables, but matching ID/email/password ( clone on creation )
But each have different columns as extras on users table
I synced both session.php ( in config ) to almost same values
Changed Both to use Database for sessions
Changed Same app name and same app key
In browser i see same cookie i think, but in sessions table, i get two rows when i test login to both individually
Am not sure if this has to do with auth or any other encryption ? or where to check
My end result should be usually simple I want login on first app to simulate another login on second
Not much for security worries
Dont know how to change to SSO or Passport here, all i want to achieve is something i can insert via php or curl or post to send same login data to the two places
OR
Use the same session, but what do i do to make second one auto login after all those steps ?
If they're both on the same domain, you can try setting the session domain in your config or env (whichever you prefer) to allow the session to be shared across the whole domain.
Both apps will probably need the same APP_KEY (and JWT_SECRET if you're using jwt-auth package) as well if you're handling the authentication on both apps.
There shouldn't be any need to login twice. It's probably better to login at one place, whether a web page or an API. Then return JWT token to the app that requires it and let the other app authenticate the user's session using the web auth middleware as usual.
For first parts Ive done that
I also just did a test route ( learning )
dd(\Cookie::get()); they give same result
Even though am using same app key and all above, not login still
I logged from main app --> visited second its not logged in
Does this have to do with second one using JWT ? like it cannot decrypt the cookie or something ?
If so how do i make it readable ?
OR in case it doesnt actually matter and decryption as i read only based on APP key, then what else is needed for me to make that second one auto login since cookie exists
JWT is stateless and it does not rely on cookies. Cookies are stored on your browser. You need to pass the JWT token to your API every time you want to make a request that requires authentication.
Thank you for your replies, but just a reminder, still a noob here :)
We given that JWT is not reliant in this case,
We have same cookie shared in the folder and subfolder app
But still the second app in the folder, is not logged in using that cookie
In a clearer question
Besides sharing that cookie, was there another step everyone assumes its a given to make second app logged in !
What am i missing ?
Should i modify some code here still or so ?
Thank you again
each app was prebuilt by someone,
each user table is diff
First app has extra columns with specific app details
Second one has lots of more columns for each game
Both apps are pre-built,
As for mysql , I synced user IDs - password hashes for all usersname to make it easier for integration
At first they were totally diff, now i have 3 matching columns : ID /username/password
so main app has table users second app : w_users
I can login manually with same user and password for both that works, I need to make login once
Ok it is working now !
I dont know what refresh helped with even though i was using incognito at every try.
But
I again changed Appname, Appkey to match new ones
Refreshed and its working as intended.
Now am considering a second approach, merging both users tables into 1 :
users and w_users tables,
Is it easy to just point laravel to use w_users instead of users ( ie use the prefixed second app one just for the case of users table ? )
