Magento and Best Way to Sync Sessions across stores

I am syncing sessions between two different domains for Magento using a token passing technique with a remote iframe or img. I am about to implement it into Magento and was looking for some pointers.

I will have to do two things:

1. Every 5 mins, output an iframe or img with a remote SRC attribute for the second domain.
   • Q. Where is the best place to implement this? In the past I did storewide actions by overriding the renderLayout() method in Magento. Should I just do it by appended a block to the end of the page load? If I use a block, is it still keeping MVC?
2. I need to sync the session on the other domain when the script is called. I need to set the same cookie that Magento would set, that links to that sessi开发者_开发知识库on for the user.
   • Thinking about this, I think I am going to have to load Mage::app or whatever the call is that loads the Magento environment.
   • Q. Is there a lighter way of doing this?

Just for better understanding of what I am doing, here is a quick description of the flow.

1. User goes to Site A. If its time to sync the sessions, an IMG or IFRAME is outputted with SRC pointing to site-b.com/sessionSyncer?token=SHA1TOKEN
2. sessinSyncer validates the token and if so, creates a session and sends the cookie to the browser for the session. This should happen in a Magento manner

I am aware that Magento has the ability to pass session through the URL and generates the links to do so, but this is inadequate because the user must only switch sites using those special urls, plus the URL becomes ugly.

Thanks in advance!

Overriding renderLayout is overkill. Instead create a block that outputs your img tag and include it in the base theme, perhaps for the area before_body_end, that will safely place it on all pages.

Inventing your own token is also overkill since Magento is using the PHP session identifier and places it automatically for foreign domains. Your custom block might generate the URL with this:

$this->getUrl('OTHER/STORE/PATH', array('_store' => 'YOUR_STORE_CODE'))

If you think your script is going to need Mage::app() then you might as well use a controller which is a similar effort. On encountering a SID value the session will be updated behind the scenes, cookies set etc.

It using an iframe it doesn't need to output anything and if a small image can be static like this:

print "GIF89a\1\0\1\0\x80\0\0\xff\xff\xff\xff\xff\xff!\xf9\4\1\n\0\1\0,\0\0\0\0\1\0\1\0\0\2\2L\1\0;";

_{P.S.
When creating the URL of the foreign store without an SID use the _nosid parameter to force a clean URL.}

Store sessions in DB and replicate database tables or entire databases it's much easier. You can configure that in your local.xml

<session_save><![CDATA[db]]></session_save>