更新时间:2023-09-28 18:39:58
您所问的称为单点登录 (SSO),可以通过几种方式实现.关于这个问题有很多话题,例如:你最喜欢的跨域cookie是什么共享方法?但它们都因个人要求而异.
What you asked is called single sign on (SSO) and can be implemented in few ways. There are many topics on this matter, example: What's your favorite cross domain cookie sharing approach? but they all vary due to individual requirements.
在您的情况下,您有不同的域(因此您不能在它们之间共享 cookie),您混合使用 http 和 https(这可能是一个问题),并且您有很多应用程序,因此您不会进行很多更改.
In your case you have different domains (so you cannot share cookies across them), you mix http and https (which might be a problem) and you have many applications so you won't make many changes.
所以我建议考虑罗伯特的建议:
So I would recommend to consider Robert's suggestion:
如果您无法更改支付网站的链接,那么您可以尝试跳过第 2 步并通过他的 ip 验证用户,但这可能太冒险了.
If you cannot change a link to the payment site then you could try to skip the step 2 and validate the user by his ip but this might be too risky.