authentication - Yii2 autologin doesn't work -
i try realize autologin feature in yii2.
so i've enabled autologin in configuration:
'user' => [ 'identityclass' => 'app\models\user', 'enableautologin' => true, 'loginurl' => ['account/login', 'account', 'account/index'], ],
also i've added rememberme field in form configuration
public function scenarios() { return [ 'login' => ['username','password','rememberme'], 'activate' => ['password','passwordrepeat'], 'register' => ['username', 'mail'], 'setup' => ['username', 'password', 'passwordrepeat', 'mail', 'secretkey'], ]; } // ... [ ['rememberme'], 'boolean', 'on' => 'login', ],
i'm using @ login:
public function login() { //var_dump((bool) ($this->rememberme)); exit(); if (!$this->validate()) { return false; } return yii::$app->user->login($this->getuser(), (bool) ($this->rememberme) ? 3600*24*30 : 0); }
if log in, users function getauthkey function called , new auth_key generated.
public function generateauthkey() { $this->auth_key = yii::$app->getsecurity()->generaterandomstring(); helper::save($this); // helper database helper update rows last_modified_at , similar in database } /** * @inheritdoc */ public function getauthkey() { $this->generateauthkey(); return $this->auth_key; }
but always, log in, doesn't set cookie variables. cookies always
console.write_line(document.cookie) # => "_lcp=a; _lcp2=a; _lcp3=a"
and if restart browser i'm not logged in. doing wrong?
it seems yii doesn't work cookies correctly:
var_dump(yii::$app->getrequest()->getcookies()); exit();
results in:
object(yii\web\cookiecollection)#67 (2) { ["readonly"]=> bool(true) ["_cookies":"yii\web\cookiecollection":private]=> array(0) { } }
if access via $_cookie
have same values in js.
thanks in advance
i guess don't have generate auth key every time in getauthkey method. app tries compare database value auth key stored in cookie. generate once before user insert:
/** * @inheritdoc */ public function getauthkey() { return $this->auth_key; } /** * @inheritdoc */ public function beforesave($insert) { if (!parent::beforesave($insert)) { return false; } if ($insert) { $this->generateauthkey(); } return true; }
Comments
Post a Comment