PHP: passing session variables from one domain to another domain

1

We have two projects hosted in different domains. I need to pass some information from one domain to another, to generate a ticket.

I was asked to send session variables to this other domain for ticket generation.

After some research, I saw that it is not possible to pass session data from one domain to another, is there any solution to work around this?

The rules for me to retrieve the desired information in another domain are as follows:

  • Session variables;
  • Next I redirect to the page of the other domain, where it already takes those variables;
  • I load the information I need and generate the ticket.
  • asked by anonymous 05.07.2017 / 15:05

    1 answer

    1

    In fact, it is impossible to pass session variables from one domain to another directly. This is not to say that there are no other ways to solve your problem.

    If you have two different domains running applications, even with the same source code, for all intents and purposes you have two isolated systems. You have two ways to get them to communicate:

      Through a database. If both applications have access to the same database, you can write in the base tables with one application and read with the other. The logic of how this would be done is at your discretion, but here's a suggestion: write session variables from the first application to the base and trigger a request to a URI of the second application to have it read those data. I recommend deleting the data after use.

    • Through service. This is usually the most elegant way. The application that needs to receive session variables can expose a service. The application that generates session variables can consume this service. This has the advantage of using the most standard form of communication between applications and keeping the databases of both systems isolated.

    For the second case, the flow is as follows:

  • First application generates set of values that you currently session guard;
  • First application consumes service from second, passing those values and the user ID;
  • The second application saves these values (in cached or cached), always associating a set of values with a user;
  • First application uses Javascript to open a new tab / window of the second application;
  • User logs in to the second application;
  • Second application recovers user data that is in the database or cache and does what it has to do with it (in your case, generate a ticket).
  • 17.07.2017 / 13:47