Description
Hello,
While there are a lot of discussions on this board around how NOT to share cookies and sessions between apps, I am looking for a way to explicitly do it, but I can't get it working.
So I have two backends, backend_1 and backend_2.
I would like a user who is logged into backend_1 to also be auto-logged into backend_2 if he switches the subdomain.
So I have given both the same
And I made sure that this below is the exact same at both apps
- cookieValidationKey
- csrfParam
- identityCookie -> name
- session -> name
When I use the inspector after switching from backend_1 to backend_2 in the browser, I can see that the cookie has the same name, but the value of the cookie is different.
If I manually change the value of the cookie to the value I can see on backend_1, then it works and I am logged in.
Could it be that my session storage on DB is the problem?
```php
'components' => [
    'request' => [
        'csrfParam' => '_csrf-backend_1_and_2', // this is the same on both APPs
    ],
    'cache' => [
        'keyPrefix' => 'backend_1',
    ],
    'user' => [
        'authTimeout' => 8 * 60 * 60,
        'enableAutoLogin' => true,
        'identityCookie' => ['name' => '_identity_backend_1_and_2', 'httpOnly' => true], // this is the same on both APPs
    ],
    'session' => [
        'class' => 'yii\web\DbSession',
        'writeCallback' => function ($session) {
            return [
                'user_id' => Yii::$app->user->id,
                'last_write' => time(),
            ];
        },
        'cookieParams' => ['httponly' => true, 'lifetime' => 8 * 60 * 60],
        'timeout' => 8 * 60 * 60, // session expire
        'useCookies' => true,
        'name' => 'advanced-backend_1_and_2', // this is the same on both APPs
    ],
],
```
Additional info
| Q | A |
|---|---|
| Yii version | 2.0.45 |
| PHP version | 8.0 |
| Operating system | Ubuntu 20.04 |
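The configuration in the post sets the cookie names but no cookie domain. The following is an added example, not part of the original post or of Yii: it uses Python's standard `http.cookiejar` as a stand-in for a browser to show which hosts get a session cookie back with and without a `Domain` attribute. The hostnames and the cookie value are constructed; only the cookie name is taken from the post.

```python
import email
from http.cookiejar import CookieJar
from urllib.request import Request

COOKIE_NAME = "advanced-backend_1_and_2"  # session name from the post
# Constructed hostnames: the two backends plus an unrelated sibling subdomain.
HOSTS = ["backend1.example.test", "backend2.example.test", "other.example.test"]


class FakeResponse:
    """Minimal response object: CookieJar only calls info() to read headers."""

    def __init__(self, set_cookie: str):
        self._headers = email.message_from_string(f"Set-Cookie: {set_cookie}\n\n")

    def info(self):
        return self._headers


def hosts_receiving_cookie(set_cookie: str, issuing_host: str, hosts: list[str]) -> list[str]:
    """Store a Set-Cookie issued by issuing_host, then list the hosts whose
    requests would carry that cookie back."""
    jar = CookieJar()
    jar.extract_cookies(FakeResponse(set_cookie), Request(f"https://{issuing_host}/"))
    receiving = []
    for host in hosts:
        req = Request(f"https://{host}/")
        jar.add_cookie_header(req)  # adds a Cookie header only if one applies
        if COOKIE_NAME in (req.get_header("Cookie") or ""):
            receiving.append(host)
    return receiving


# No Domain attribute: the cookie is host-only and stays with the issuing host.
HOST_ONLY = f"{COOKIE_NAME}=constructed-session-id; Path=/; HttpOnly"
# Domain attribute set to the parent domain: every subdomain receives it.
PARENT_DOMAIN = f"{COOKIE_NAME}=constructed-session-id; Domain=example.test; Path=/; HttpOnly"

if __name__ == "__main__":
    for label, header in (("host-only", HOST_ONLY), ("parent domain", PARENT_DOMAIN)):
        print(label, "->", hosts_receiving_cookie(header, HOSTS[0], HOSTS))
```

With a host-only cookie each backend ends up holding its own cookie of the same name, which matches the differing values seen in the inspector. Scoping the cookie to the parent domain sends it to every host under that domain, including ones that are not part of either backend, so the session ID is only as protected as the weakest of those hosts.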