1

I'm trying to set it up so if you log in to my website (using codeigniter) the session carries over to other domains (not subdomains) of my multiple websites. For example, if you go to domain.com and log in, then go to domain2.com, you'll already be logged in at domain2.com.

I cannot figure out where to start.

Thingamajig
  • 4,107
  • 7
  • 33
  • 61
  • You would like to read this similar case http://stackoverflow.com/questions/4759312/session-share-across-multiple-domains-on-same-server – WatsMyName Sep 17 '12 at 08:26

2 Answers2

1

First approach that comes to mind would be using a shared database that would hold the 'logged in' flag, that each domain would poll and update. Using cookies is not an option as they are bound to the domain.

Endy
  • 698
  • 3
  • 11
  • How would you detect which record in the database to pull? – Thingamajig Sep 17 '12 at 08:06
  • Initially you would have all users log into all of your sites at least once, then set the shared ID into a cookie for each of the domains. – Endy Sep 17 '12 at 08:13
0

You need to use one domain as the main login system (keyDomain). Then for each other domain2, you query the keyDomain for a temporary key, use this key to log to the domain2. The server of domain2 will check the key on keyDomain.

You need two methods on keyDomain. - One to build the keys. They must be time dependent and valid for 5min. - One to check the key, check the given key against the current one, and then agains the previous one in case the time slot have changed between query and check. (Both current key and previous one are valid so it make a 10min validity).

The key is simply a string containing time+user_ID+salt, all encoded.

You should look at how facebook connect work.

bokan
  • 3,601
  • 2
  • 23
  • 38
  • The multiple domains are running on one server and one install of Codeigniter. What's the approach now? – Thingamajig Sep 17 '12 at 08:09
  • It is the same, except that the comunication between servers is simplified, you can just store keys in database. Store the user ID + Random string. – bokan Sep 17 '12 at 08:15
  • How would I access the database? Meaning, how would I recognize that a user is logged in on one and that there is an entry for that user in the database already? – Thingamajig Sep 17 '12 at 18:52