0

I've developed an API function with php to make a user login from siteA to siteB. siteA-login.php

$url = "https://api.siteb.com/login";
$cookie = "cookie-api.txt";
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $url);
//curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_POSTFIELDS, "data=".json_encode($curlPost));
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt ($curl, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt ($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($curl, CURLOPT_COOKIEJAR, $cookie);
curl_setopt ($curl, CURLOPT_COOKIEFILE, $cookie);
curl_setopt ($curl, CURLOPT_REFERER, $url);
$response = (curl_exec($curl));
curl_close($curl);

header("location: https://siteb.com/restricted-content");

This is siteb where I login the user with CI4:

$session = session();
$session->set(array('user'=>$user));

However after the redirect I go to login page and not in the restricted content. How can I solve?

Improve this question
3
  • The cookie in the cURL call is owned by PHP, which is on your server. This is different from the cookie, needed by your browser to get access to the web site, which is stored on the computer where the browser client runs. Two different cookies. Commented May 30, 2022 at 15:25
  • Ok so cookies it's not a solution in this case? Are there other solution we can try? I thought about a link with a special parameter to make user login when he visit it by the redirect Commented May 30, 2022 at 15:27
  • See answer by Codewriter. Commented May 30, 2022 at 15:34

1 Answer 1

Reset to default
1

you can't set Cookies for other domain as you are on.

maybe you can try something like this:

  • User try to login
  • API request from A to B to get a Key ( remembered in Database Site B )
  • Redirect User with this Key to Site B ( query in Database if key correct )
  • Login User, delete Key to prevent second usage
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

It's a good idea...I what I thought when I answered to KIKO Software :)

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.