Question

I'm an experienced Ruby (Sinatra, Event Machine, Warden, etc.) developer and have decided to teach myself Node.js.

I've written enough Node now to feel very comfortable with it, and now I'm feeling a bit more ambitious. I would like to wire a simple Sails.js app and a forum built with NodeBB together such that my users can sign into one and be automatically signed in to the other.

I'd like those users to have role-based authentication for access to various parts of the Sails app and also of the forum, so they'd need to share a common RBAC model.

Is Passport suitable for this? And if so, do you have any links to examples?


Solution

To persist sessions across requests, Passport relies on Connect, which in turn relies on encrypted cookies containing a connect session id. To use the same sessions across multiple applications, you will need to synchronize your Express / Connect cookie parser and synchronize or share your sessions and user models. You would need to use an external session store (like Redis or Mongo) and probably separate your user database from the individual application databases. Additionally, you would need to copy and paste the cookie parser secret into each application.

It's not really the best approach, though. The maker of Passport also published an open-source OAuth2 Server, which you can use (in combination with Passport's OAuth 2 authentication support) to provide authentication for all the applications you want to tie together. This is a much more robust and scalable solution to your problem, as you won't have to worry about synchronizing secrets and sharing databases. Additionally, it would allow you to write any kind of application you want (not necessarily in Node) and still implement shared single sign-on.

(If that still sounds like more effort than it's worth, you can always just use an external identity provider. Google-account based OpenID requires no setup, integrates seamlessly with Passport, and lets Google do all the work.)

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow