I have example.com and app.example.com. How can I log someone in from one domain and share that session with the other?
Asked
Active
Viewed 1,217 times
4
-
Can you detail what you've tried so far? Keep in mind that [security rules](https://www.firebase.com/docs/security-quickstart.html) can reference data as well as auth creds. So if you write a value into Firebase with the session id and the new user's creds, they can be granted access. – Kato Jun 21 '14 at 16:25
1 Answers
3
Firebase Simple Login sessions are persisted using LocalStorage or SessionStorage which are scoped to HTML5 origin, which is a tuple of scheme, host, and port, which is why it is not shared across subdomains by default.
That said, you can manually enable this in your application by creating a shared LocalStorage system, using methods like described here at Can HTML5 databases and localStorage be shared across subdomains?.
Community
- 1
- 1
Rob DiMarco
- 13,226
- 1
- 43
- 55
-
XAuth hasn't been updated in 4 years, and apparently it doesn't work in modern browsers :\ I think I'll just auth the user through an iframe on the other domain. – Jonathan K Jun 23 '14 at 22:30