Same sessions in two different installs.

  • Resolved lazybatman

    (@lazybatman)


    9 years, 10 months ago

    I have two websites. i have created one database for both the sites so that when user registers into website one he can also use that login id for my second website. i have implemented that successfully. now i want to share sessions for example. when one user logs in to 1st website and when he goes to the 2nd website he should not have to login again. he should be already be logged into that website.

    this are the two webiste i want to implement this.
    this is the 1st website

    This is the 2nd website

Viewing 1 replies (of 1 total)
  • Moderator bcworkz

    (@bcworkz)

    9 years, 10 months ago

    WP maintains login status with an auth cookie. There is no way for another site to access this cookie, the ability to do so causes a huge security vulnerability. The best you can do is pass some secure token in the URL going to the other site, and if that token is valid, the other site could automatically set the local auth cookie so the user is essentially logged in.

    I’m not a security expert, so I couldn’t suggest how to create and verify such a secure token. If the URL uses HTTPS, security is much less of an issue. Over regular HTTP, the security aspects must be carefully considered. A stolen token would automatically log an attacker into the site unless appropriate measures are taken.

Viewing 1 replies (of 1 total)

The topic ‘Same sessions in two different installs.’ is closed to new replies.