Ways to securely send data / authentication through domains.
Hi guys, I know this sounds like a general question, but I looked through the entire SoF and could find something real in what I want to know.
Question counting (short and simple): I have several domains. You want to use one domain for authentication for everyone else. I know the theory underlying it and how it works. I don’t know how to do it.
Question: - domaina.com = central doamin - domainb.com = secondary domain - domainc.com = secondary domain
Part A: Login A user who visited the domainb.com domain zone should be able to enter their data to enter the login form, enter a login and this information should be safely sent to domaina.com/login.php. It will then process, confirm the cookie setting on domaina.com, and then resend the confirmation signal to the .com domain so that domainb.com can also set cookies and create a session. Once this is completed, it will be redirected to a page on the .com domain
Part B: Verify I want to do it this way, whenever a user visits domainb.com or domainc.com, the system will check the valid session if it is valid, if it does not contact domaina.com and does not check for the presence of a cookie installed login process. If it is installed, it will set the cookie in the new domain and log in. If it is not installed, redirect the user to the domainb.com or domainc.com domain page.
I don’t know how to send information between the domains, so I’m looking for an example of code or any type of thing that will help me send data between my sites safely (without https) without leaving it open for hackers to easily accept it.
I have no preference in the language, but I prefer php, js, html and open for ajax requests if it is safe.
I appreciate all your help. Thanks!
source share