I have multiple front-end & back-end apps running on different subdomains of the same domain. On the main front-end app I want to build a thing to switch between subdomains but also keep the session.

I've tried to:

• use express-session
• do some tricks with the JWT authentication
• localStorage is not going to work as it is persistent on only 1 URL

but still can't figure out:

1. Is it possible to have a session shared across multiple subdomains?

2. What is the best solution to have a shared session across multiple subdomains?

The technologies I use:

• Front-end: React JS
• Back-end: Node & Express JS

CodePudding user response：

To share sessions across sub-domains, you need to configure two things.

1. You need the proper cookie settings for the session cookie so that the browser will send the same session cookie to both sub-domains. This involves setting the domain attribute on the cookie to the root domain. You can set this in the cookie options for the express-session configuration.

2. You need to make sure that the server for each sub-domain has access to the same session store. If it's actually the same server for each sub-domain, then that's easy. But, if it's a different server, then you will need a shared session store, using some type of shared database (redis, mongodb, etc...). There are session store implementations for many different databases.