Anyone here deploys Yii webapp with Capistrano? Need help with cookie issue
Posted 21 March 2011 - 06:17 PM
I suspect this is because the way Capistrano deploys webapp to a new release folder based on current timestamp.
Anyone here using Capistrano seeing the same issue?
Posted 22 March 2011 - 03:15 AM
If you look at the sources, you see, that Yii uses CApplication::getId() when it creates a unique cookie ID for each user. This method uses the basePath to create a unique ID. basePath is set from the constructor of CApplication. In the setter there's a call to realpath() which expands all symbolic links.
So your assumption is right: The timestamped folder name Capistrano uses on each deployment affect the cookie ID used for authentication.
One workaround (there might be better ones): You could override CWebUser with you custom WebUser component and override getStatKeyPrefix() there. It's up to you to think about a safe logic to create unique cookie IDs then.
Posted 24 March 2011 - 02:00 AM
Do you maybe save session files inside the application folder? And forgot to copy this folder after deployment?
EDIT: Or maybe my answer above is related. Not sure about your exact problem: You mentioned "session cookies" - if you meant "authentication cookies" then my answer should help. Sessions should not expire when you deploy, so currently logged in users should still stay login until the session expire.
This post has been edited by Mike: 24 March 2011 - 02:05 AM
Posted 11 March 2012 - 08:19 PM
Meanwhile, if you've made any progress please let me know. I am planning to devote some serious time to this problem this week, so if you've already found a solution, please help save me some time!
Posted 11 March 2012 - 10:03 PM
Feel free to give my fork a spin if you'd like: https://github.com/kamermans/yii
=== EDIT ===
My pull was rejected, but qiangxue provided a reasonable solution. In your config file (probably protected/config/main.php) you must add an "id" key to the array with a unique property like this:
return array( // This allows you to deploy Yii projects with Capistrano. The value is // not important as long as it is very hard to guess and is NOT based on // the absolute path of your protected/ directory. "id" => md5(php_uname().'somerandomtext'), );