Each app has user login module; user get from a database view its level (guest, tecnic, admin) and could get also the app name he can use.
I’d like to have unique login form in a different domain, eg differentdomain.com/login.php so when a user fill the form, his data is read from the database and can get authenticated access to app1.domain.com or app2.domain.com based on the data
I can use yii but if simple i’d like to use simple PHP in the differentdomain.com
You cannot do cross-domain cookies. If you’re on abc.com you cannot assign cookies for xyz.com.
However, what you’re talking about is sub-domains. It’s all one domain so you can set the cookies for the domain example.com then access it from hello.example.com and world.example.com. Sub-domains are not new domains. Your cookies should look something like
OAuth2 will not inherently solve your problem, because the first domain cannot assign cookies from the second. You want to persist a session in the browser, that means you need cookies for that other site.
There are a few things you might be able to do. A cross-domain AJAX request with some token validation — abc.com contacts xyz.com for an authorization token with some information about the user to be authorized on xyz.com. Then on the xyz.com server attach that user to an authorization token. Send abc.com that information back to the browser client and then the browser uses that authorization token in an AJAX request, hidden iFrame, or even a simple redirect to xyz.com. The xyz.com site then takes the token and logs in the user that’s assigned to it, during that request xyz.com returns some cookies. At least that’s my idea for it. Someone might have a better way to do it.
