Yii Framework Forum: Anyone here deploys Yii webapp with Capistrano? - Yii Framework Forum

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • This topic is locked

Anyone here deploys Yii webapp with Capistrano? Need help with cookie issue Rate Topic: -----

#1 User is offline   johndoe411 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 1
  • Joined: 14-February 11

Posted 21 March 2011 - 06:17 PM

I have been using Capistrano to deploy my Yii webapp for a while and it works great except one issue: After every deployment, the session cookies seem to be reset or erased. Everyone has to logon to my site again, even though they have the login sessions expire in 30 days.

I suspect this is because the way Capistrano deploys webapp to a new release folder based on current timestamp.

Anyone here using Capistrano seeing the same issue?
0

#2 User is offline   Mike 

  • Elite Member
  • PipPipPipPipPip
  • Yii
  • Group: Members
  • Posts: 3,016
  • Joined: 06-October 08
  • Location:Upper Palatinate

Posted 22 March 2011 - 03:15 AM

View Postjohndoe411, on 21 March 2011 - 06:17 PM, said:

I suspect this is because the way Capistrano deploys webapp to a new release folder based on current timestamp.



If you look at the sources, you see, that Yii uses CApplication::getId() when it creates a unique cookie ID for each user. This method uses the basePath to create a unique ID. basePath is set from the constructor of CApplication. In the setter there's a call to realpath() which expands all symbolic links.

So your assumption is right: The timestamped folder name Capistrano uses on each deployment affect the cookie ID used for authentication.

One workaround (there might be better ones): You could override CWebUser with you custom WebUser component and override getStatKeyPrefix() there. It's up to you to think about a safe logic to create unique cookie IDs then.



0

#3 User is offline   Mike 

  • Elite Member
  • PipPipPipPipPip
  • Yii
  • Group: Members
  • Posts: 3,016
  • Joined: 06-October 08
  • Location:Upper Palatinate

Posted 24 March 2011 - 02:00 AM

Please forget what i said above, it's not related to your case: the cookie i talked about is only used for the auto login feature. It's separate from teh session cookie which is created by PHP.

Do you maybe save session files inside the application folder? And forgot to copy this folder after deployment?

EDIT: Or maybe my answer above is related. Not sure about your exact problem: You mentioned "session cookies" - if you meant "authentication cookies" then my answer should help. Sessions should not expire when you deploy, so currently logged in users should still stay login until the session expire.

This post has been edited by Mike: 24 March 2011 - 02:05 AM

0

#4 User is offline   SteveK 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 5
  • Joined: 24-June 11

Posted 11 March 2012 - 08:19 PM

I'm also using Capistrano to deploy Yii apps and see this problem. In my case, I am using MySQL sessions. I am going to override CWebUser right now to see if that fixes it, although I really don't understand why the session cookies aren't working after a deploy. I certainly see your point about the auto-login persistent cookies, so I'll report back once I get that working with the aforementioned suggestion.

Meanwhile, if you've made any progress please let me know. I am planning to devote some serious time to this problem this week, so if you've already found a solution, please help save me some time!
0

#5 User is offline   SteveK 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 5
  • Joined: 24-June 11

Posted 11 March 2012 - 10:03 PM

Ok, I've got to the bottom of this and proposed a solution to the Yii Team: https://github.com/y...ft/yii/pull/493

Feel free to give my fork a spin if you'd like: https://github.com/kamermans/yii

=== EDIT ===
My pull was rejected, but qiangxue provided a reasonable solution. In your config file (probably protected/config/main.php) you must add an "id" key to the array with a unique property like this:

return array(
     // This allows you to deploy Yii projects with Capistrano.  The value is
     // not important as long as it is very hard to guess and is NOT based on
     // the absolute path of your protected/ directory.
     "id" => md5(php_uname().'somerandomtext'),
);

3

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • This topic is locked

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users