
Note: this page is a Chinese-English side-by-side translation of a popular StackOverflow question, provided under the CC BY-SA 4.0 license. You are free to use and share it, but you must follow the same CC BY-SA license, cite the original URL and author, and attribute it to the original authors (not me). StackOverflow original: http://stackoverflow.com/questions/25171414/

Time: 2020-09-14 09:54:48  Source: igfitidea

Sharing a session between 2 laravel applications

session, authentication, cookies, laravel

Asked by user2644148

I am using a database session driver in an attempt to share a session between two Laravel applications. Should the session cookie name and encryption key be the same for both applications? I have been having a very hard time with this issue for the last few days. Any help is greatly appreciated. Thank you!


Answered by BayssMekanique

Everything related to sessions should be identical. Basically the session.php file should be the same between both, they should have a common database, and the key and cipher type should be identical.


If they have the same domain name (ex: server1.mydomain.com, server2.mydomain.com) but different hostnames/subdomain names, then the cookies should still work fine as long as you set the domain correctly (ex: .mydomain.com). If they are on the same server, you can still use a common key-value system. If they are on separate servers, you either need a common storage location (like S3) or a replication-enabled key-value system like Redis or Memcached. You could also use MySQL if you need to replicate other data types, but it's very heavy for just key-value pairs.


If they have completely different domains, then cookies will not work. In that instance, you would need to reference cross-site session ids through GET query strings, and perform session migrations in the back-end using either common or replicated systems, or via some secure API. This is a very difficult system to set up and only works if you are moving between the domains using links embedded in the sites. Bookmarks or manual address input will lose session data.




UPDATE: 2/4/2016


There is a better way to handle this now using JSON Web Tokens (JWT). The basic idea is that rather than share a database of session IDs that has to be kept in sync, you instead share a database of users. The database of users will require significantly fewer writes, since most of the data will be static, which in turn makes it easier to replicate or split between multiple applications. The JWT holds all the pertinent session data in an encrypted format which prevents tampering. This allows the front-end client to hold on to the JWT and pass it to the back-end client on requests. The back-end client is then only responsible for checking that the data within the JWT matches its database of user data. If it matches, then it can be assumed that the user was authenticated. There is a little more to it than I've explained here, but I would recommend checking out the website for a full explanation (https://jwt.io/).


The best part is, it's super easy to get started using in Laravel. Add in the JWT-Auth dependency and you are up and running with JWT.


The one caveat I would add is that you will likely run into Cross-Origin Resource Sharing (CORS) issues with newer browsers if you do cross-domain requests. There are easy fixes if you run into that (Laravel-CORS).

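Added example, not part of the original answer: a small Python check of the conditions the answer lists for cookie-based sharing (identical key, cipher and session settings, and a cookie domain that reaches both hosts). The dotted setting names follow Laravel's `config/app.php` and `config/session.php`; the values, the connection and cookie names, and the `notmydomain.com` host used in testing are constructed for illustration.

```python
# Settings the answer says must be identical in both apps. Dotted names follow
# Laravel's config/app.php and config/session.php; all values are constructed.
MUST_MATCH = ("app.key", "app.cipher", "session.driver", "session.connection",
              "session.table", "session.cookie", "session.domain")


def cookie_reaches(cookie_domain, setting_host, target_host):
    """Would a cookie set by setting_host with this Domain be sent to target_host?"""
    target = target_host.lower()
    if not cookie_domain:  # no Domain attribute: the cookie is host-only
        return setting_host.lower() == target
    domain = cookie_domain.lstrip(".").lower()
    # Match on a label boundary so "notmydomain.com" does not match "mydomain.com".
    return target == domain or target.endswith("." + domain)


def check_shared_session(app_a, app_b):
    """Return a list of problems; an empty list means the session can be shared."""
    problems = []
    for name in MUST_MATCH:
        if app_a["config"].get(name) != app_b["config"].get(name):
            # Report the setting name only, so app.key never ends up in a log.
            problems.append(f"{name} differs between the two apps")
    hosts = (app_a["host"], app_b["host"])
    for app in (app_a, app_b):
        domain = app["config"].get("session.domain")
        for target in hosts:
            if not cookie_reaches(domain, app["host"], target):
                problems.append(f"cookie set by {app['host']} is not sent to {target}")
    return problems


SHARED = {"app.key": "base64:CONSTRUCTED-PLACEHOLDER", "app.cipher": "AES-256-CBC",
          "session.driver": "database", "session.connection": "shared_sessions",
          "session.table": "sessions", "session.cookie": "shared_session",
          "session.domain": ".mydomain.com"}
APP_1 = {"host": "server1.mydomain.com", "config": dict(SHARED)}
APP_2 = {"host": "server2.mydomain.com", "config": dict(SHARED)}
# Misconfigured copy: its own cookie name and no cookie domain (host-only cookie).
APP_2_BAD = {"host": "server2.mydomain.com",
             "config": {**SHARED, "session.cookie": "app2_session", "session.domain": None}}

if __name__ == "__main__":
    print(check_shared_session(APP_1, APP_2))
    for problem in check_shared_session(APP_1, APP_2_BAD):
        print(problem)
```

A matching `session.connection` name only shows that both apps use the same connection label; whether that connection points at the same database still has to be confirmed in each app's database configuration.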