1. 技术文章
  2. Yii2 Advanced - Share session between frontend and mainsite (duplicate of frontend for www)

Yii2 Advanced - Share session between frontend and mainsite (duplicate of frontend for www)

别说谁变了你拦得住时间么 提交于 2020-01-05 04:28:09

问题


I have a custom members system that I have made: Yii2 Members System. You can refer to that for full details, or install it so you can work with it for this question.

I have frontend and backend just as Yii2 provides, with a few modifications to separate the sessions/cookies so that backend works with the Admin model and pulls from an admin table. Similar to old traditional member systems.

mainsite is basically a clone of frontend and it's role is to be the main website. What you get when you go to www.site.com or site.com.

Here are the 3 apps and their example domains:

  • mainsite = www.site.com or site.com
  • frontend = users.site.com
  • backend = admin.site.com

When a user logs in (users.site.com/site/login) and go back to the homepage (mainsite at www.site.com) I want it to know they are logged in and show their username. Just like how frontend operates by default from the advanced app.

From what I have so far, I login and head back to the mainsite and it just reads An internal server error occurred.. It doesn't look like a Yii error, but a server error? When I look in the Yii logs under runtime, it mentions access control:

2017-04-14 13:38:25 [127.0.0.1][1][-][error][yii\web\HttpException:403] exception 'yii\web\ForbiddenHttpException' with message 'You are not allowed to perform this action.' in /Applications/XAMPP/xamppfiles/htdocs/yii2-members-system/vendor/yiisoft/yii2/filters/AccessControl.php:151

Here are some of my configs.

mainsite/config/main.php

'components' => [
    'assetManager' => [
        'bundles' => false,
    ],
    'request' => [
        'csrfParam' => '_csrf-mainsite',
    ],
    'user' => [
        'class' => 'common\components\User',
        'identityClass' => 'common\models\User',
        'enableAutoLogin' => true,
        'identityCookie' => [
            'name' => '_identity-frontend',
            'httpOnly' => true,
            'domain' => '.yii2-members-system.dev',
        ],
    ],
    'session' => [
        'name' => 'advanced-frontend',
        'cookieParams' => [
            'domain' => '.yii2-members-system.dev',
            'httpOnly' => true,
        ],
    ],
    'urlManager' => [
        'enablePrettyUrl' => true,
        'showScriptName' => false,
        'rules' => [
        ],
    ],
],

frontend/config/main.php

'components' => [
    'assetManager' => [
        'bundles' => false,
    ],
    'request' => [
        'csrfParam' => '_csrf-frontend',
    ],
    'user' => [
        'class' => 'common\components\User',
        'identityClass' => 'common\models\User',
        'enableAutoLogin' => true,
        'identityCookie' => [
            'name' => '_identity-frontend',
            'httpOnly' => true,
            'domain' => '.yii2-members-system.dev',
        ],
    ],
    'session' => [
        'name' => 'advanced-frontend',
        'cookieParams' => [
            'domain' => '.yii2-members-system.dev',
            'httpOnly' => true,
        ],
    ],
    'urlManager' => [
        'enablePrettyUrl' => true,
        'showScriptName' => false,
        'rules' => [
        ],
    ],
],

vhosts

<VirtualHost *:80>
    ServerName yii2-members-system.dev
    ServerAlias yii2-members-system.dev
    DocumentRoot "/Applications/XAMPP/xamppfiles/htdocs/yii2-members-system/mainsite/web"
    ErrorLog "logs/mainsite.yii2-members-system.dev-error_log"
    CustomLog "logs/mainsite.yii2-members-system.dev-access_log" common
</VirtualHost>

<VirtualHost *:80>
    ServerName yii2-members-system.dev
    ServerAlias admin.yii2-members-system.dev
    DocumentRoot "/Applications/XAMPP/xamppfiles/htdocs/yii2-members-system/backend/web"
    ErrorLog "logs/admin.yii2-members-system.dev-error_log"
    CustomLog "logs/admin.yii2-members-system.dev-access_log" common
</VirtualHost>

<VirtualHost *:80>
    ServerName yii2-members-system.dev
    ServerAlias users.yii2-members-system.dev
    DocumentRoot "/Applications/XAMPP/xamppfiles/htdocs/yii2-members-system/frontend/web"
    ErrorLog "logs/users.yii2-members-system.dev-error_log"
    CustomLog "logs/users.yii2-members-system.dev-access_log" common
</VirtualHost>

回答1:


You can share session between subdomain or main domain. As per yii configuration, you need to configure like below in frontend/config/main.php and mainsite/config/main.php.

'request' => [
    'csrfParam' => '_csrf-app',
],
'user' => [
    'identityClass' => 'common\models\User',
    'enableAutoLogin' => true,
    'identityCookie' => ['name' => '_identity', 'httpOnly' => true, 'domain'=>'.yii2-members-system.dev', 'path'=>'/'],
],
'session' => [
    'name' => 'sessionName',
    'savePath'=> __DIR__ . '/../../sessionTmp'
],

In this configuration, session name, session save path, identity cookie path and domain should match with other subdomain to share session between two yii app.

So create one tmp folder inside your app and point it to session save path. like above.

I hope, this will help.



来源:https://stackoverflow.com/questions/43418088/yii2-advanced-share-session-between-frontend-and-mainsite-duplicate-of-fronte

标签
session
cookies
yii2
yii2-advanced-app
vhosts
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!