• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Sharing session between wildcard subdomain

Hi everyone, I'm in troublesome situation and can't figure out how to solve:

I'm creating a localhost project and using wildcard subdomains to change between languages: localhost:4001 for main language and subdomain en.localhost:4001 for English and fr.localhost:4001 for French. 

Everything work OK but when I login using AAuth, it not work on subdomains but on localhost:4001 only. I tried another session function and recognized all function using session not work.

Here is my config, I'm using CI 3.1.2:

$config['encryption_key'] = 'k5ogwL4ThZ5TpSsnUjveUp9gLaoFqbLX';

$config['sess_driver'] = 'database';
$config['sess_cookie_name'] = 'tcms_cookie';
$config['sess_expiration'] = 0;
$config['sess_save_path'] = 'ci_sessions';
$config['sess_match_ip'] = FALSE;
$config['sess_time_to_update'] = 300;
$config['sess_regenerate_destroy'] = FALSE;

$config['cookie_prefix'] = 'tcms_';
$config['cookie_domain'] = '.localhost:4001' ;
$config['cookie_path'] = '/';
$config['cookie_secure'] = FALSE;
$config['cookie_httponly'] = FALSE;

$config['csrf_protection'] = FALSE;
$config['csrf_token_name'] = 'csrf_test_name';
$config['csrf_cookie_name'] = 'csrf_cookie_name';
$config['csrf_expire'] = 7200;
$config['csrf_regenerate'] = TRUE;
$config['csrf_exclude_uris'] = array();

So please give me any suggestion how to fix it. I will appreciate for your help.

I am not sure that this is working or not but I think it's related to cookie_domain.

You are right. I set cookie_domain to some cases:

1. $config['cookie_domain'] = '.localhost:4001' ==> Not working on both.
2. $config['cookie_domain'] = '.localhost' ==> Working on main site only.
3. $config['cookie_domain'] = 'localhost' ==> Main site only.
4. $config['cookie_domain'] = '.' ==> Main site only.
5. $config['cookie_domain'] = '' ==> Main site only.
6. $config['cookie_domain'] = 'en.localhost' ==> English site only.
7. $config['cookie_domain'] = '*.localhost' ==> English and French sites.

No idea how to set to make them work on all sites.

Found a way to handle all sites:

PHP Code:
$subdomain array_shift((explode(".",$_SERVER['HTTP_HOST'])));
if (
in_array($subdomain, array('en','fr'))) {
$config['cookie_domain'] = $subdomain '.localhost';
} else {
$config['cookie_domain'] = '.localhost';

But it is like each subdomain and main site have their own different flow of session, but not share the same and only one session for all.

'.localhost' is the only value that should work on all three.

I'm saying "should" because some browsers will prepend that dot even if you didn't provide it.

'en.localhost' will only send the cookie to en.localhost
'fr.localhost' will only send the cookie to fr.localhost

Port numbers are not allowed - not just by CI, the cookie protocol simply doesn't recognize them. Thus, if you include a port in the domain name it will be invalid (and probably the currently used hostname will be assumed by PHP and/or the browser).


If it doesn't work with '.localhost', it's most likely due to a collision - your previous attempts have resulted in separate cookies created for each of the three domains, but all sharing the same name. Browsers will give precedence to exact matches, and therefore your cookies for en.localhost and fr.localhost won't be overwritten by the one for '.localhost'
To start clean - clear all of your cookies for these domains, or change the cookie name. It should work then.


Also, CI3 doesn't use your $config['encryption_key'] for sessions - that's irrelevant.

After a few tries, I gave up and created a visual domain http://dev.local/ on my computer instead of using localhost. Now everything work fine. Turn out using localhost with port was not my brightest idea of development. Thank alot, Narf.

Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  

  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.