I have some 30 different applications written in node js (expessjs). I am building single login for all, if user login into one app then he can access all other apps with one session, I am sharing session secret on all apps for that,
Problem is req.session is now shared with all apps, if any app store anything in session for local use of that app is also share will all apps,
I want to resolve this problem something like two sessions etc one can be shared will all apps and one for local use of that app.
Anyone have any idea please share.
Module used
express-session, cookie-parsor, redis-store
[MODIFIED]
Local data also need persistent, since few apps have multiple instances.
First case is session flash data
Second case is user permission details
Thanks
Related
I am trying to make SSO in my application and I search a lot about SSO and in the end, what I conclude is to create a global session auth them and then create a local session. I know how to create a local session but I don't know how to create a global session.
My one application is on vue and another is on angular. A domain like for vue abc.com/vue and abc.com/angular.
So what I want if the user login in any one of them then in another application user automatic authenticate that's was SSO means.
My problem how can I create a global session for both applications.
I used Express as my authentication server (Single Authentication Server).
Please Sorry if I write something weird.
In a simple word, I want SSO in my application
I have several apps with node.js & passport using oauth (openstreetmap oauth).
e.g.
domain.com/app1
domain.com/app2
There is a proxy distributing the requests to each app.
I have tried to use the same secret & key in both apps, but as soon as I open one app, I have to login again.
I store the session with connect-pg-simple.
What could be an approach to use the oauth login and "session" from both app? Of course both apps needs the sessions to store additional data.
Would it be a solution to have a shared session table (every app has his own postgres database) ? but i assume this can result in merging data problems, when both apps want to update the store ?
My idea is to provide several small node.js / postgres apps, not depending on each other, but using the same comfortable oauth login.
i am using express framework, in my requirement have to maintain a login server and content server, a user can login from one server and then searching the content's from other server.
any best idea to implement this concept? and please share, how to share the user's data while connecting or redirecting to another server?
If you are creation sessions on logging, then you can session across multiple node process/servers using extenal session store service.
Search on Express session stores.
You can store session on mongodb/redis or any other.
Redis Session Store example : http://blog.arisetyo.com/?p=492
I am trying to move our application to a multi-tenant structure, with a different database per customer.
We are using node.js, express and passport for authentication. I tried looking into passports.js but it seems to have been published 2 years ago and keeps having issues with node.
Is there an alternative?
Or, how do you set up multi-tenancy with passport.js?
passport is for authentication, so you need to make sure, email can be duplicated only with different tenant id.
Here is a package to manage one database for all tenants:
https://www.npmjs.com/package/node-express-multitenant
We have 3 nodejs web application running on same domain name on same vps with multiple subdomains and implementing passport authentication for each. We wanted single user be able to access all application with single account and for that we have added accounts.example.com as fourth application solely for purpose of account management. The requirement is - once user is authenticated in accounts.example.com, how to enable user to access rest of the three web application with that session.
you can share your session in redis-server.if you use express,you can try to use connect-redis
https://github.com/visionmedia/connect-redis
Try Hands on CanSecurity... It tops the chart for node.js Single sign on.. Hope this proves fruitful https://github.com/deitch/cansecurity