views:

229

answers:

2

If you multiple subdomains e.g.:

sub1.domain_name.com

sub2.domain_name.com

Is there a way to have a user be able to log into both of these without issues and double login issue?

The platform is Python, Django.

+8  A: 

Without information regarding what platform you are using, it is difficult to say. If you use cookies to store authentication information, and you are using subdomains as you describe, then you can force the cookie to be issued for the highest level domain, e.g. domain_name.com.

This will be accessable by both sub1 and sub2, and they could each use that for their authentication.

EDIT:

In the settings.py for each application running under the subdomains, you need to put SESSION_COOKIE_DOMAIN = ".domain_name.com" as per the django docs

Khanzor
The platform is Python, Django.
Daniel
Are you using session middleware? Or are you manually creating the cookies?
Khanzor
I am using session middleware.
Daniel
Setting SESSION_COOKIE_DOMAIN doesn't seem to work for me on my localhost server, though it does work on the production website server. Is there a configuration trick to get it working on development/localhost?
MikeN
You can only set the domain based on the current domain you are accessing the page from. So, you can only set cookies for domain_name.com when you are actually accessing it. I'd suggest that you add a few lines specifying your domains and subdomains into your /etc/hosts file (assuming Linux). Try serverfault.com for help with that :)
Khanzor
Sorry, commenting from my phone :)
Khanzor
+5  A: 

Yes. Just set the cookie on the domain ".domain_name.com" and the cookie will be available to sub1.domain_name.com, and sub2.domain_name.com.

As long as you maintain your session information on both domains, you should be fine.

This is a very common practice, and is why you can log into your Google Account at http://www.google.com/ and still be logged in at http://mail.google.com.

razzed