Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Is there any need to add $cookie_domain to settings.php file? #40

Open
izmeez opened this issue Oct 23, 2024 · 5 comments
Open

Is there any need to add $cookie_domain to settings.php file? #40

izmeez opened this issue Oct 23, 2024 · 5 comments
Labels
needs - more feedback This issue needs more input from others type - question Further information is requested

Comments

@izmeez
Copy link
Contributor

izmeez commented Oct 23, 2024

Is there any need to add a $cookie_domain line in the settings.php file?
$cookie_domain = '.example.com';
As suggested in the old comment, https://www.drupal.org/project/domain/issues/1559486#comment-10176824
@izmeez izmeez changed the title Is there any need to add $cookie_domain to settings.php file Is there any need to add $cookie_domain to settings.php file? Oct 23, 2024
@izmeez
Copy link
Contributor Author

izmeez commented Oct 25, 2024

If the $cookie_domain = '.example.com'; is added to the settings.php file the user is not logged out when the line in the settings.php to include the domain module file is commented and then uncommented, as described in #39

@yorkshire-pudding yorkshire-pudding added the type - question Further information is requested label Nov 8, 2024
@izmeez
Copy link
Contributor Author

izmeez commented Nov 12, 2024

Now that issue #39 is fixed it leaves me wondering what other benefits having the `$cookie_domain = '.example.com'; may have.

@izmeez izmeez added the needs - more feedback This issue needs more input from others label Nov 12, 2024
@izmeez
Copy link
Contributor Author

izmeez commented Nov 12, 2024

This is related to issue #32.

@izmeez izmeez mentioned this issue Nov 12, 2024
Closed
@yorkshire-pudding
Copy link
Collaborator

@izmeez - I tested this:
With $cookie_domain set to primary domain, then logging in on any of the domains you are logged into all.
Without $cookie_domain set, all the logins have to be done separately.

So whether do you or not might depend on use case and whether the same users have access on all domains:

  • Use case 1 - single company with multiple brand images, same people updating content and settings for all sites > set $cookie_domain
  • Use case 2 - Tim's example of organisation with 2 separate branches that operate fairly autonomously and are each responsible for their own content > don't set $cookie_domain

I think the comment in settings.php is pretty clear and helpful:

/**
 * Backdrop automatically generates a unique session cookie name for each site
 * based on its full domain name. If you have multiple domains pointing at the
 * same Backdrop site, you can either redirect them all to a single domain (see
 * comment in .htaccess), or uncomment the line below and specify their shared
 * base domain. Doing so assures that users remain logged in as they cross
 * between your various domains. Make sure to always start the $cookie_domain
 * with a leading dot, as per RFC 2109.
 */
// $cookie_domain = '.example.com';

@izmeez
Copy link
Contributor Author

izmeez commented Nov 12, 2024

@yorkshire-pudding Thanks for pointing that out. I had overlooked it being in the settings.php file by default. I am inclined to consider adding a reference to it in the domain install quickstart.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
needs - more feedback This issue needs more input from others type - question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@izmeez @yorkshire-pudding