Yii2: Configuring different sessions for backend and frontend in Yii Advanced Application Template

Yii Framework Wiki

Popular Tags

Yii2: Configuring different sessions for backend and frontend in Yii Advanced Application Template

This is as an extension of this wiki by Kartik V which shows to make different enableAutoLogin cookies for frontend and backend.

What else is needed ¶

That take us in a situation where if either the backend or frontend is already signed in, and we open another window or tab for the other, then it will get automatically signed in..

because session cookie is the same.

So, here we add session component in the backend and frontend configuration file. In addition, we need to make custom folders named 'tmp' (or whatever name suits you) in the backend folder and frontend folder respectively.

Backend Config ¶

'components' => [
		'session' => [
			'name' => 'PHPBACKSESSID',
			'savePath' => __DIR__ . '/../tmp',
		],
    ],

Frontend Config ¶

'components' => [
		'session' => [
			'name' => 'PHPFRONTSESSID',
			'savePath' => __DIR__ . '/../tmp',
		],
    ],

Now, you can have different sessions for frontend and backend in the same browser.

3 0

7 followers

Viewed: 44 996 times

Version: 2.0

Category: How-tos

Tags: advanced, app, auth, backend, cookie, different, domain, frontend, login, session, user, yii2

Written by: hrnair

Last updated by: hrnair

Created on: Oct 31, 2014

Last updated: 10 years ago

Update Article

Revisions

View all history

10 years ago by hrnair

User Contributed Notes 2

#18454

0 0

I use different 'id's for this:

I also have different 'id's:

'id'=>($isAdmin?'8ef5061c':'c1605fe8'),

And here is my session configuration. The commented options were probably used with the standard session implementation (I use the CDbHttpSession).

'session'=>array(
                        'sessionName'=>$isAdmin?"adminSession":"PHPSESSID",
                        'class'=>'CDbHttpSession',
                        'autoCreateSessionTable'=>true,
                        'connectionID'=>'db',
                        //'useTransparentSessionID' =>isset($_POST['PHPSESSID']) ? true : false,
                        //'cookieMode'=>'none',
                        'timeout'=>$isAdmin?10*3600:24*3600,
                ),

le_top at Oct 31, 2014, 7:30:44 PM

#18455

0 0

Adding cookie path

@le_top, thanks, I did not have to use this in Yii 1.1. But for a requirement in new Yii2 project, where the advanced template backend was supposed to be used exclusively for admin purposes, I wanted this situation. Still as per this above wiki, the backend session cookie was found accessible to frontend. So we need to add the path and now that is OK.

'components' => [
        'session' => [
            'name' => 'PHPBACKSESSID',
            'savePath' => __DIR__ . '/../tmp',
			'cookieParams' => [
				'path'=>'https://url/to/backend'  //
			],
        ],
    ],

hrnair at Nov 1, 2014, 3:03:39 AM

Categories

Popular Tags

Recent Comments