I am trying to make session work across multiple subdomains (typically : domain.local, client1.domain.local, and api.domain.local)
I am on the login page on domain.local, and I call the api.domain.local in order to login, then I refresh the page is it was correct.
I did that on both domains:
$session = new Phalcon\Session\Adapter\Files(); $session->start();
But then I added that before session->start() :
$session->setOptions(array('cookie' => array('domain' => '.' . $oConfig->application->domain))); ini_set('session.cookie_domain', '.' . $oConfig->application->domain);
And it still does not work. When I display $_COOKIE, it works fine, I get the same PHPSESSID cookie on both domains, but when I var_dump $_SESSION, I only have '_started' => boolean true , nothing else.
What am I doing wrong please?
Also, if there is a way to prevent using sessions, and use HTTP headers instead (Authorization header) and keep a pool of authorized tokens in a memcached, it would be really great, any tips greatly appreciated!
Thank you in advance,