Problem

We experienced a problem when a frontstore and TheShop administration were present on the same domain, e.g. theshop.dev as a frontstore and theadmin.theshop.dev as an administration.

The problem was detected when frontstore set SESSION_DOMAIN to theshop.dev. In this case, Laravel creates the cookie domain name as .theshop.dev which means it affected also our subdomain when this cookie has changed.

Solution

Two changes have been made to resolve this issue:

• Our application is now SPA based on JWT, which means we are using no sessions.

• We removed SESSION_DOMAIN from .env file in a frontstore.