Logging in a user with CURL to another domain (also q2a)

Question

Same qa_users database on two domains. Goal is to login the user to both domains at once.

I am still not using single-sign-on, instead I wanted to try something else:

1. User logs in.

2. PHP script sends email, passhash and IP using CURL (domain1 to domain2 call)

3. PHP script on domain2 logs the user in.

Now I see that this might be not possible, because:

A: the login script (on domain2) uses qa_db_user_logged_in($userid, qa_remote_ip_address()); and the remote IP is the server itself. This I could solve passing the user IP.

B. of qa_set_session_cookie() that tries to set a cookie for identifying the user. HOWEVER; the cookie is obviously not set (or set to the caller, the server).

Any way I can overcome issue B?

Comments

is it same sub-domains?

---

No, two different domains. Domain1.com and domain2.com

---

With subdomains it is just straight forward. Otherwise, I don't think it's impossible but have to implement the stuffs you have mentioned.

---

As I said, it works serverside, but setting the cookie does not work because it "sets it at the calling server". So maybe it is impossible without another hack.

---

Probably you'll have to modify qa_set_session_cookie() implementation to set it to multiple servers. But I'm not sure if this is allowed due to security reasons.

---

This is definitely not allowed.