F
Filament8mo ago
Dwayne

The session is not shared across multiple domains with tenancy

I have configured a tenant in the panel. It works fine, however, the sessions are not shared with other domains, but the sessions are only shared within the domain where you log in. After the redirect (to tenant domain), the session gets cleared.
->tenant(CompanyShop::class, slugAttribute: 'domain')
->tenantDomain('{tenant:domain}')
->tenant(CompanyShop::class, slugAttribute: 'domain')
->tenantDomain('{tenant:domain}')
When logging in to the main domain https://dashboard.test/login, the tenant account is linked to the domain name https://app.otherdomain.test, and I'm redirected there, which works fine. However, the session is lost, requiring me to log in again on the tenant domain. How can I ensure that when logging in to the main domain, I am redirected to my own tenant domain and automatically logged in there?
12 Replies
Dwayne
DwayneOP8mo ago
Dwayne
DwayneOP8mo ago
When I set the tenant domain to app.dashboard.test (a subdomain of the main URL), the session will also be forgotten.
Dwayne
DwayneOP8mo ago
Does anyone have an idea how to solve this?
awcodes
awcodes8mo ago
Sessions can’t carry across sub or top level domains. Each one has its own session.
Dwayne
DwayneOP8mo ago
How can I ensure that someone logs into the main application and gets redirected to their own domain without losing the login?
awcodes
awcodes8mo ago
Possibly with a custom middleware. But I don’t have any concrete examples to give you.
Dwayne
DwayneOP8mo ago
awcodes
awcodes8mo ago
Yea, the domain can identify the tenant, but it can’t preserve sessions across domains, that’s really a limitation of Laravel and php and not necessarily Filament. I’m sure there’s a way to make it work, though. Just not out of the box.
Dwayne
DwayneOP8mo ago
Ah okay, thought Filament takes care of this too. That explains why it doesn't work. Do you have any idea how to solve this? You say a middleware and then redirect, but what should I send along? Something for the session/cookies?
awcodes
awcodes8mo ago
Yea. Fundamentally. But I think there could be issues still since you can’t log them in without first redirecting them to setup the new session. At which point it’s too late to programmatically log them in. It’s kinda a race condition. But maybe someone else has some better insight. Maybe try a google search for persisted authentication across domains in laravel.
nostrodamned
nostrodamned7mo ago
if you set the SESSION_DOMAIN=.yourdomain.com in env sessions will be persisted across subdomains @Dwayne @awcodes - just did this with socialite login and seems to work
awcodes
awcodes7mo ago
Thank you for the update.
Want results from more Discord servers?
Add your server