Sharing cookies between multiple subdomains on localhost #548

Open
aarepuu opened this issue Apr 26, 2023 · 1 comment

aarepuu commented Apr 26, 2023

What is the issue:
Hello. I'm trying to test sharing cookies between multiple subdomains on my local machine with a self hosted Supertokens instance following the guides in documentation (share-sessions-across-sub-domains and multiple-api-endpoints), but I'm not able to achieve the desired outcome.

I have an auth UI (a Vue.js app) exposed on http://localhost:3030 and an application UI (also a Vue.js app) exposed on http://localhost:3010. The application UI also supports subdomains, for example http://demo.localhost:3010. Then I have an auth API (a Nest.js app) set up for supertokens auth exposed on http://localhost:3001.

It is working as expected if I log in via the auth UI and then use the application UI on http://localhost:3010. However, if I use the application UI on a subdomain, e.g. http://demo.localhost:3010, whilst already being logged in via the auth UI, I am getting back doesSessionExist: access token does not exist locally from the auth API.

Also, looking at the cookies in the dev console for http://demo.localhost:3010, the domain of the st-last-access-token-update cookie is demo.localhost, and for http://localhost:3010 the domain is localhost.

I'm wondering if my Supertokens configuration is not correct, or whether it's not possible to test this on localhost without changing the /etc/hosts file and/or redirecting ports (or using some sort of reverse-proxy setup), or whether I have missed something obvious?

What do my configurations look like:
The Supertokens init for both frontend applications is as follows:

SuperTokens.init({
  appInfo: {
    appName: 'Example APP',
    apiDomain: 'http://localhost:3001',
    apiBasePath: '/auth'
  },
  recipeList: [
    /* other recipes */
    Session.init({
      sessionTokenBackendDomain: '.localhost',
      sessionTokenFrontendDomain: '.localhost'
    }),
  ]
})

The backend auth API Supertokens init is as follows:

supertokens.init({
  appInfo: 'Example API',
  supertokens: {
    connectionURI: 'http://localhost:3567',
    apiKey: 'super-secret-api-key',
  },
  recipeList: [
    /* other recipes */
    Session.init({
      cookieDomain: '.localhost',
    }),
  ],
});

Anything else useful?:
Environment:

  • Supertokens frontends: vue: 3.2.47 and supertokens-web-js: 0.5.0
  • Supertokens backend: @nestjs/core: 9.0.0 and supertokens-node: 13.5.0
  • Supertokens core: self hosted via docker-compose using registry.supertokens.io/supertokens/supertokens-postgresql:4.3 and postgres:15-alpine.
  • User OS & Browser: Mac M1 running MacOS 12.6 and Chrome 112.0.5615.137

rishabhpoddar (Contributor) commented

The config seems fine. I think the issue is that you are trying to do this on .localhost. You may want to try the method of modifying the /etc/hosts file.
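
As an added illustration that is not part of this thread or of SuperTokens' code, the sketch below models the RFC 6265 storage and domain-matching rules that decide which hosts receive a cookie. The `*.app.test` names are hypothetical /etc/hosts entries, and browser-specific handling of `localhost` and public-suffix checks are not modelled.

```javascript
// Added example: RFC 6265 cookie scoping only. Browsers layer public-suffix
// checks and their own handling of special names on top; not modelled here.

// RFC 6265 5.1.3: does the request host domain-match the cookie domain?
function domainMatches(host, domain) {
  host = host.toLowerCase();
  domain = domain.toLowerCase();
  if (host === domain) return true;
  const isIp = /^\d{1,3}(\.\d{1,3}){3}$/.test(host) || host.includes(':');
  return !isIp && host.endsWith('.' + domain);
}

// RFC 6265 5.3: what gets stored when `settingHost` sets a cookie.
// No Domain attribute -> host-only cookie. A leading dot in Domain is ignored.
function storeCookie(name, settingHost, domainAttr) {
  if (!domainAttr) {
    return { name, domain: settingHost.toLowerCase(), hostOnly: true };
  }
  const domain = domainAttr.replace(/^\./, '').toLowerCase();
  if (!domainMatches(settingHost, domain)) return null; // setter outside Domain: rejected
  return { name, domain, hostOnly: false };
}

// Hosts (ports are ignored by cookie scoping) that would receive the cookie.
function visibleOn(cookie, hosts) {
  if (!cookie) return [];
  return hosts.filter((h) =>
    cookie.hostOnly ? h.toLowerCase() === cookie.domain
                    : domainMatches(h, cookie.domain));
}

// Constructed cases. "st-last-access-token-update" is the cookie named in the issue.
function demo() {
  const name = 'st-last-access-token-update';
  const local = ['localhost', 'demo.localhost'];
  const hosts = ['app.test', 'demo.app.test', 'auth.app.test', 'other.test']; // hypothetical
  return {
    hostOnly: visibleOn(storeCookie(name, 'localhost'), local),
    shared: visibleOn(storeCookie(name, 'auth.app.test', '.app.test'), hosts),
    foreign: storeCookie(name, 'demo.localhost', '.app.test'),
  };
}

console.log(demo());
```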
