How can I share AuthUserSession across multiple applications under the same root domain? i.e we already have an mvc+servicestack application running (test.com) and now are adding another mvc application using asp.net core at two.test.com. Users authenticate at test.com.
I’ve done the following:
Using OrmLiteCacheClient for shared session/cache
Session cookie is shared via browser(RestrictAllCookiesToDomain) and null for localhost
How can I use [Authenticate] / [Authorize] attributes in my controller in two.test.com? how can I ensure that the current user’s session is loaded from the session/cache and those attributes play well?
Yes. I took a .net core sample from the github, changed from memory cache to PostgreSQL cache. Running two applications on localhost. First application logs a user in and sets the session cookie on localhost. I see active session in the db.
On the second application(core), when a request hits an action/ controller with Authenticate attribute, it redirects to sign in.
All three looked good. The issue was that sample app had CustomUserSession and therefore ‘__type’ in the stored session was not matching with my app. Worked after fixing this! Is there a way to get around this without having to share the same type?
Leave it as the default AuthUserSession, i.e. don’t use a CustomUserSession. Also I don’t see how the Auth Configuration would be exactly the same in both Apps if they both didn’t have access to the same CustomUserSession.