Unify Laravel Authentication / Session Across Apps


Question: Is it possible to make single login authentication for multiple laravel apps on same domain?

Condition: Laravel stores session on two places: client-side on encrypted HTTP cookie and server-side on (optional) encrypted key-store value.

Idea: Make each apps reads the same session both on client-side and server-side and make sure both application reads same ‘users’ table.

How to unify client side:

  1. Open config/session.php
  2. Find ‘cookie’ parameter
  3. By default the value should be ‘laravel_session’. It’s okay to put there, or if you want you can change that to other name. Just note that this value must be same accross application
  4. Open .env
  5. Set same 32 string length APP_KEY for each application
How to unify server side (using redis as session manager):
  1. Install redis (if you have not)
  2. Install predis package (if you have not)
  3. Open .env
  4. Change CACHE_DRIVER to redis for each application
That’s all folks !

Well, there are other configurations to think of such as cookie domain, cookie path, session encryption, and redis clustering. You should look them if you need to.