• r

    rp

    8 months ago
    Ah yea! Exactly.
  • pogseal

    pogseal

    8 months ago
    does SuperTokens auto-log you in with https://supertokens.io/docs/thirdpartyemailpassword/common-customizations/sessions/share-sessions-across-sub-domains. For example, does the frontend know that you are logged in when navigating from each subdomain
  • r

    rp

    8 months ago
    Yea. Across sub domains. If you configure it that way.
  • r

    rp

    8 months ago
    Yes. The frontend would know
  • nahtnam

    nahtnam

    8 months ago
    Thats unfortunate, I'm still interested in using SuperTokens though. Any suggestions on a "workaround" I can use until then? For example, can I host one ST endpoint and have all my apps use it, and later if and when this feature comes out, i can swap the code to use that?
  • pogseal

    pogseal

    8 months ago
    awesome, thanks, will give it a try
  • r

    rp

    8 months ago
    Continuing your example, you could integrate main.com with supertokens. Post login, you can send off the JWT (which is accessible from the frontend), to your other sites. Those sites can then use this JWT for creating their own session (via supertokens again!). However, you would need to build in logic to make sure that the JWT is being transferred in a secure way - which is essentially implementing one of the OAuth protocols
  • r

    rp

    8 months ago
    You could try and use an OAuth lib on top of using supertokens to enable that.
  • r

    rp

    8 months ago
    Or if you don’t care too much about security and just want to get it to work, then you can send the JWT to the other sites via a simple redirect.
  • djgovani

    djgovani

    8 months ago
    We can also use cookie to use JWT in subdomain. Check this for more info https://stackoverflow.com/a/23086139/9239611