Backend Development
PHP Tutorial
How to solve the problem of session coexistence across domain names under Yii2
How to solve the problem of session coexistence across domain names under Yii2
This article mainly introduces the solution for cross-domain name coexistence of sessions under Yii2. The content is quite good. I will share it with you now and give it as a reference.
I talked about session-related configurations earlier. During development, the login module that often needs to be shared across domains is the login module. I believe many development friends have encountered it. You only need one place to log in, and the related The website is also logged in. There are two situations: one is between 9streets.cn and a.9streets.cn, and the other is between a.com and b.com. I have summarized the handling methods in the past few days.
Whether it is a first- and second-level domain name, or a cross-domain domain name under different domain names, two points must be achieved:
The client accesses the same sessionId,
#The location of the session data accessed by servers corresponding to all domain names must be consistent.
1. Accessing the common sessionId is mainly by writing the current sessionId into the cookie.
Cookies cannot be accessed under different domain names. We need When accessing and setting the user to log in in the background, set the domain name that needs to be shared login information. If it is under the 1st or 2nd level domain name, directly set the cookie to the main domain name, for example:
setcookie("session_id",session_id(),time()+3600*24*365*10,"/",".a.com");Maybe you will ask: What if they are in different domain names? It is a simple solution using P3P technology. The implementation principle is that when accessing the website x.com, the y.com program triggers the writing of the sessionid value in the y.com file. The sessionid value can be obtained, and then the seesion value is stored in the database and the same value is obtained. The sessionid value is sufficient. This requires that the program files in y.com must be accessible across domains. By default, browsers cannot set cookies across domains. You must add the p3p header. Add to the corresponding php file: header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');
2. Method to achieve consistent storage location of session data
The session data is stored in the server's tmp file by default and exists in the form of a file instead of being stored in the server's memory. Here we have to modify it to be accessible in all domains. Database storage, file storage, and memory storage are introduced online. If a database is used to store session data and the website has a large number of visits, SESSION reading and writing will frequently operate on the database, and the efficiency will be significantly reduced. You can consider the presence of memory. The server is implemented. The following session.rar introduces an example of the data inventory session.
To deal with this problem under yii2, the successful configuration according to the tutorials found on the Internet is as follows:
Configure in main.php in the frontend's config folder
$host = explode('.', $_SERVER["HTTP_HOST"]);
if (count($host) > 2) {
define('DOMAIN', $host[1] . '.' . $host[2]);
} else {
define('DOMAIN', $host[0] . '.' . $host[1]);
}
define('DOMAIN_HOME', 'www.' . DOMAIN);
define('DOMAIN_USER_CENTER', 'man.' . DOMAIN);
define('DOMAIN_API', 'api.' . DOMAIN);
define('DOMAIN_EMAIL', 'mail.' . DOMAIN);
define('DOMAIN_LOGIN', 'login.' . DOMAIN);
define('DOMAIN_IMG', 'img.' . DOMAIN);Then configure User and Session:
'user' => [ 'enableAutoLogin' => true, 'identityCookie' => ['name' => '_identity', 'httpOnly' => true, 'domain' => '.' . DOMAIN], ], 'session' => [ 'cookieParams' => ['domain' => '.' . DOMAIN, 'lifetime' => 0], 'timeout' => 3600, ],
This is in the user and session of the configuration item I wrote down the domain, for example: 'domain'=>'.baidu.com', so that there is no need to judge.
The above is the entire content of this article, I hope it will be helpful to everyone's learning. Help, please pay attention to the PHP Chinese website for more related content!
Related recommendations:
Related issues using jquery in the Yii framework
The above is the detailed content of How to solve the problem of session coexistence across domain names under Yii2. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
How to set session timeout in SpringBoot Session
May 15, 2023 pm 02:37 PM
The problem was found in the springboot project production session-out timeout. The problem is described below: In the test environment, the session-out was configured by changing the application.yaml. After setting different times to verify that the session-out configuration took effect, the expiration time was directly set to 8 hours for release. Arrived in production environment. However, I received feedback from customers at noon that the project expiration time was set to be short. If no operation is performed for half an hour, the session will expire and require repeated logins. Solve the problem of handling the development environment: the springboot project has built-in Tomcat, so the session-out configured in application.yaml in the project is effective. Production environment: Production environment release is
How to solve session failure
Oct 18, 2023 pm 05:19 PM
Session failure is usually caused by the session lifetime expiration or server shutdown. The solutions: 1. Extend the lifetime of the session; 2. Use persistent storage; 3. Use cookies; 4. Update the session asynchronously; 5. Use session management middleware.
Solution to PHP Session cross-domain problem
Oct 12, 2023 pm 03:00 PM
Solution to the cross-domain problem of PHPSession In the development of front-end and back-end separation, cross-domain requests have become the norm. When dealing with cross-domain issues, we usually involve the use and management of sessions. However, due to browser origin policy restrictions, sessions cannot be shared by default across domains. In order to solve this problem, we need to use some techniques and methods to achieve cross-domain sharing of sessions. 1. The most common use of cookies to share sessions across domains
How to solve the problem that the Springboot2 session timeout setting is invalid
May 22, 2023 pm 01:49 PM
Problem: Today, we encountered a setting timeout problem in our project, and changes to SpringBoot2’s application.properties never took effect. Solution: The server.* properties are used to control the embedded container used by SpringBoot. SpringBoot will create an instance of the servlet container using one of the ServletWebServerFactory instances. These classes use server.* properties to configure the controlled servlet container (tomcat, jetty, etc.). When the application is deployed as a war file to a Tomcat instance, the server.* properties do not apply. They do not apply,
How to implement SMS login in Redis shared session application
Jun 03, 2023 pm 03:11 PM
1. Implementing SMS login based on session 1.1 SMS login flow chart 1.2 Implementing sending SMS verification code Front-end request description: Description of request method POST request path /user/code request parameter phone (phone number) return value No back-end interface implementation: @Slf4j@ ServicepublicclassUserServiceImplextendsServiceImplimplementsIUserService{@OverridepublicResultsendCode(Stringphone,HttpSessionsession){//1. Verify mobile phone number if
What are the differences between JavaScript and PHP cookies?
Sep 02, 2023 pm 12:29 PM
JavaScriptCookies Using JavaScript cookies is the most effective way to remember and track preferences, purchases, commissions and other information. Information needed for a better visitor experience or website statistics. PHPCookieCookies are text files that are stored on client computers and retained for tracking purposes. PHP transparently supports HTTP cookies. How do JavaScript cookies work? Your server sends some data to your visitor's browser in the form of a cookie. Browsers can accept cookies. If present, it will be stored on the visitor's hard drive as a plain text record. Now, when a visitor reaches another page on the site
How to make cross-domain requests in Vue?
Jun 10, 2023 pm 10:30 PM
Vue is a popular JavaScript framework for building modern web applications. When developing applications using Vue, you often need to interact with different APIs, which are often located on different servers. Due to cross-domain security policy restrictions, when a Vue application is running on one domain name, it cannot communicate directly with the API on another domain name. This article will introduce several methods for making cross-domain requests in Vue. 1. Use a proxy A common cross-domain solution is to use a proxy
How to correctly read and write Session data in multiple files with PHP
Mar 23, 2023 am 11:12 AM
When you are using a PHP session (Session), sometimes you will find that the Session can be read normally in one file, but cannot be read in another file. This may confuse you since session data is supposed to be shared across the entire application. This article will explain how to correctly read and write PHP session data in multiple files.
