(Django) Sharing authentication across two sites that are on different domains

django django-authentication

Terry J · Oct 17, 2009 · Viewed 7.8k times · Source

I have two sites say foo.com and bar.com and are both Django based. Primary registration occurs on foo.com (I'd like the main user db to be here) and I'd like for three things to happen:

1) User that logs in to foo.com is automatically able to access bar.com without logging in again

2) User that logs in to bar.com directly is authenticated against foo.com user db.

3) There is no need for a user to register at bar.com directly.

How can I achieve this? If it greatly simplifies things I can make bar.com a subdomain of foo.com (eg. bar.foo.com) but they must be separate sites.

Answer

Your 3rd requirement could easily be solved by sharing the same database between the two sites (therefore having the same Users table.

The 1st requirement is tricky because of cross domain issues (the session cookie will not be shared).

What you are really looking for is a Single Sign On (SSO). You might consider django-openid.

(Django) Sharing authentication across two sites that are on different domains

Answer

Related questions