Andy Holmes Andy Holmes - 1 month ago 32
PHP Question

Laravel - Multi domain using single login server?

I'm setting up around 4

Laravel 5.3
based apps at the moment, they are all part of one "ecosystem".

I plan to use a central
Laravel
app that will handle any user signup, user login and also hold all user details. These details will be used across the 4 separate Laravel web apps. I may also use these user details inside mobile apps in the future so I assume i'll need some sort of JWT based system to control this.

I've thought about using
Laravel Passport
to achieve this but I don't think this will work for this scenario. In all honesty, the documentation is not clear to me whether this is the sort of system it is designed for or if I need to use a different oAuth2 system. My understanding is it is for API authentication only, or am I wrong?

All my other Laravel apps will be on different servers so I can't share the database unfortunately. I need to implement a cross domain solution it seems.

Thanks in advance for any info on this, just to clarify that I am not asking you to code the script for me, simply to help point me in the right direction on how to do this properly - can't really show code on something I don't know!

I believe I have explained everything that I am trying to achieve here, and I have already done research but nothing seems to be clicking in my brain.

Answer

I think it depends on your business logic. Below is what i'm thinking:

  1. If what you mean Multi Domains is the sub domains (as you mentioned login.site.com), i think the simplest way is to use site.com wide cookie with redis/memcached as the session storage solution.
  2. If they do have different domain names, and beyond the central site, user when visit site A also want site B feature (or content, those sites are closely connected), i thought the JWT solution is the better choice.
  3. Any other cases, choose OAuth

Well, maybe others have better ideas.