I create a site using AngularJS and a pre-configured WebApi2 token authentication template (individual user accounts). I try to log into two sites at the same time, one at www.domain.com and the other at sub.domain.com
I am currently using the following code in angular to authenticate a user:
$http({
method: 'POST',
url: '/Token',
data: serializedData,
headers: {
'Content-Type': 'application/x-www-form-urlencoded'
}
}).success(function (data, status, headers, config) {
$window.sessionStorage.token = data.access_token;
});
and add an authorization header for each request after:
app.factory('authInterceptor', function ($rootScope, $q, $window) {
return {
request: function (config) {
config.headers = config.headers || {};
if ($window.sessionStorage.token) {
$window.sessionStorage.loggedIn = true;
config.headers.Authorization = 'Bearer ' + $window.sessionStorage.token;
}
return config;
}
};
});
app.config(function ($httpProvider) {
$httpProvider.interceptors.push('authInterceptor');
});
The above code allows each site to log in individually, however, sessionstorage is not saved on other windows / tabs, so it will not register the user in a subdomain.
( ): http://blog.auth0.com/2014/01/07/angularjs-authentication-with-cookies-vs-token/
( ). - , , cookie:
app.UseCookieAuthentication(new CookieAuthenticationOptions()
{
CookieDomain = ".domain.com"
});
, ...