In my domain I have two subdomains. In the first subdomain is Nodejs app, in the second - will be .Net Core app.
Nodejs app with Passportjs, express-session modules authenticates users. Express-session creates singed cookie like 'sessionid.hash'. A Session cache - MongoDb. If a cookie was founded .Net Core app has automatically login. Now it working, but it encrypts founded cookie key. When an user want to return to Nodejs app, he can't. Because Nodejs does not recognise encrypted key.
I read about IDataProtector, but I don't understand how I can disable session key encryption?
Startup.cs
services.AddSession(o =>
{
o.Cookie.Name = "my_session";
o.Cookie.Path = "/";
o.Cookie.IsEssential = true;
});
services.AddSingleton<ISessionStore, AppDistributedSessionStore>();
In my domain I have two subdomains. In the first subdomain is Nodejs app, in the second - will be .Net Core app.
Nodejs app with Passportjs, express-session modules authenticates users. Express-session creates singed cookie like 'sessionid.hash'. A Session cache - MongoDb. If a cookie was founded .Net Core app has automatically login. Now it working, but it encrypts founded cookie key. When an user want to return to Nodejs app, he can't. Because Nodejs does not recognise encrypted key.
I read about IDataProtector, but I don't understand how I can disable session key encryption?
Startup.cs