Recently I worked on a project, which is a real time web application.
I use socket.io as the data server, and let's suppose that its domain is www.a.com
. On the other hand, I use express as the http server, and its domain is www.b.com
.
Now the problem comes, if I want to synchronize the session between two server(that means, if user login www.a.com
by socket.io, he/she is logged in when he/she visits www.b.com
), how can I do that?
Thanks in advance :)
ps: please forgive my poor English...
== Update ==
I have tried one solution: use the magic of postMessage
to communicate between different tabs.
When a user login in www.a.com
, I create a iframe
, whose src
refers to www.b.com
. And then I can pass login data from www.a.com
to www.b.com
, and trigger something to login in www.b.com
.
But I think it is not a best way to solve the problem, is it safe? or generate other problem? And I wonder if there are other solutions.
By their nature, cookies (which store session id) can't be read from different domains. I know of a mod for Apache that could encrypt login data from one domain and place it in a GET request (address bar) so the user wouldn't then have to log into a second domain. Sorry, I can't recall what it was called, but you could do something similar, all you'd need is require('crypto') I believe.
EDIT: Why do you want the sockets & web server to run on different domains? If they ran on the same domain, I believe there is a module to allow sockets.io to get the session data. I didn't use it myself, just read about it.