Love Fuel?    Donate

FuelPHP Forums

Ask your question about FuelPHP in the appropriate forum, or help others by answering their questions.
Multiple Domain Sessions
  • SyntaqxSyntaqx
    I'm trying to come up with an elegant solution for retaining sessions across multiple domains. An example of this being: Users visits domainA.com
    domainA.com sets a shopping cart item, which is reflected in their session
    User visits domainB.com
    The user would still have the item from domainA.com in their shopping cart Does fuel have an elegant solution for this problem? Or is there a good implementation of this? Thanks.
  • SyntaqxSyntaqx
    How would the application determine the common key for both sides? I couldn't store a cookie, as cookies aren't accessible from the domain that didn't set them.
  • HarroHarro
    Use stuff you know in all applications to generate a random key. For example: 
    $shared_key = md5($user->id . \Input::real_ip() . \Input::user_agent() );
    Which will generate the same key for this user, as long as it is accessed from the same PC and same browser, which I think comes close to default session behaviour.
  • HarroHarro
    I don't think you should refer to this as 'sessions', as you're clearly talking about different sessions.
    Sessions are bound to a host and/or domain and/or path via the session cookie, and will therefore always be different for DomainA and DomainB. Assuming these domains share the same user information, you could opt to use that to store the information in a shared backend, like redis or memcached (or a database, but then expiration is a bit more complex).
  • JaapRoodJaapRood
    Ive had a similair problem a while ago, allthough not in Fuel. We used shared redis and had little problems implementing it. Fuel has a redis class i've yet to try, but looks easy. Redis has great performance and the support for lists makes me prefer it over memcached. Ofcourse, you do need a box to run it on.
  • SyntaqxSyntaqx
    I was looking into using the database session storage, rather than Redis, and I assume that they will both be relatively the same implementation styles for sharing sessions. I realize that domainA and domainB will have different sessions, does anyone have an idea on how to make them sync with each other?
  • HarroHarro
    You can't keep them in sync, as session id's are randomly generated, and frequently rotated. So you'll have to resort to using a common key, known by both applications. Since you can't store that in the session without altering the table structure and the code, you need to store it elsewhere. From a functionality point of view it doesn't matter where, as long as all applications can access it. If you use memcached or redis, you can utilize the built-in expiration mechanisms to achieve session like behaviour. If you store it in a database table, you'll have to do expiration management and deal with garbage collection yourself.
Add a Comment

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Apply for Membership

Categories

In this Discussion