问题
I'm using node.js + passport and trying to figure out how the set the cookie on the parent domain so that it's available to sub domains.
User logs into Domain.com User then goes to Sub.Domain.com ... he should still be logged in.
how does one set the cookie on the parent domain? Here's what I currently have.
app.use(express.session({
secret: 'XXXXX',
store: new mongoStore({ url: app.get('mongodb-uri') })
}));
app.use(passport.initialize());
app.use(passport.session());
回答1:
What you need to do is set the domain of the session cookie. You should be able to do this like:
app.use(express.session({
secret: <session_secret> ,
store: <session store> ,
cookie: {
path: '/',
domain: '.domain.com',
maxAge: 1000 * 60 * 24 // 24 hours
}
}))
Notice that the domain was set to .domain.com (the dot at the beginning) which should make it available to all subdomains.
回答2:
Note: If using Express 4 and the new cookie-session module, the code looks like
{
secret: <session_secret> ,
store: <session store> ,
domain: '.domain.com',
}
This bit me, but the API has changed.
来源:https://stackoverflow.com/questions/23178104/node-js-passport-session-cookie-domain