Home > Backend Development > PHP Tutorial > How to solve the problem of session coexistence across domain names under Yii2

How to solve the problem of session coexistence across domain names under Yii2

不言
Release: 2023-04-01 08:38:01
Original
1827 people have browsed it

This article mainly introduces the solution for cross-domain name coexistence of sessions under Yii2. The content is quite good. I will share it with you now and give it as a reference.

I talked about session-related configurations earlier. During development, the login module that often needs to be shared across domains is the login module. I believe many development friends have encountered it. You only need one place to log in, and the related The website is also logged in. There are two situations: one is between 9streets.cn and a.9streets.cn, and the other is between a.com and b.com. I have summarized the handling methods in the past few days.

Whether it is a first- and second-level domain name, or a cross-domain domain name under different domain names, two points must be achieved:

  • The client accesses the same sessionId,

  • #The location of the session data accessed by servers corresponding to all domain names must be consistent.

1. Accessing the common sessionId is mainly by writing the current sessionId into the cookie.

Cookies cannot be accessed under different domain names. We need When accessing and setting the user to log in in the background, set the domain name that needs to be shared login information. If it is under the 1st or 2nd level domain name, directly set the cookie to the main domain name, for example:

setcookie("session_id",session_id(),time()+3600*24*365*10,"/",".a.com");
Copy after login

Maybe you will ask: What if they are in different domain names? It is a simple solution using P3P technology. The implementation principle is that when accessing the website x.com, the y.com program triggers the writing of the sessionid value in the y.com file. The sessionid value can be obtained, and then the seesion value is stored in the database and the same value is obtained. The sessionid value is sufficient. This requires that the program files in y.com must be accessible across domains. By default, browsers cannot set cookies across domains. You must add the p3p header. Add to the corresponding php file: header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');

2. Method to achieve consistent storage location of session data

The session data is stored in the server's tmp file by default and exists in the form of a file instead of being stored in the server's memory. Here we have to modify it to be accessible in all domains. Database storage, file storage, and memory storage are introduced online. If a database is used to store session data and the website has a large number of visits, SESSION reading and writing will frequently operate on the database, and the efficiency will be significantly reduced. You can consider the presence of memory. The server is implemented. The following session.rar introduces an example of the data inventory session.

To deal with this problem under yii2, the successful configuration according to the tutorials found on the Internet is as follows:

Configure in main.php in the frontend's config folder

$host = explode('.', $_SERVER["HTTP_HOST"]);
if (count($host) > 2) {
  define('DOMAIN', $host[1] . '.' . $host[2]);
} else {
  define('DOMAIN', $host[0] . '.' . $host[1]);
}
define('DOMAIN_HOME', 'www.' . DOMAIN);
define('DOMAIN_USER_CENTER', 'man.' . DOMAIN);
define('DOMAIN_API', 'api.' . DOMAIN);
define('DOMAIN_EMAIL', 'mail.' . DOMAIN);
define('DOMAIN_LOGIN', 'login.' . DOMAIN);
define('DOMAIN_IMG', 'img.' . DOMAIN);
Copy after login

Then configure User and Session:

'user' => [
  'enableAutoLogin' => true,
  'identityCookie' => ['name' => '_identity', 'httpOnly' => true, 'domain' => '.' . DOMAIN],
],
'session' => [
  'cookieParams' => ['domain' => '.' . DOMAIN, 'lifetime' => 0],
  'timeout' => 3600,
],
Copy after login

This is in the user and session of the configuration item I wrote down the domain, for example: 'domain'=>'.baidu.com', so that there is no need to judge.

The above is the entire content of this article, I hope it will be helpful to everyone's learning. Help, please pay attention to the PHP Chinese website for more related content!

Related recommendations:

Related issues using jquery in the Yii framework

The above is the detailed content of How to solve the problem of session coexistence across domain names under Yii2. For more information, please follow other related articles on the PHP Chinese website!

Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template