I have problem with auth_key , I have login form and it’s work correctly without remember me and with remember me , but I read yii document , in that document wrote about remember me work with id and auth_key for create cookie to stay user in long time , i check the framework code and in there have three parameters (id, auth_key, expire_time()) i save auth_key in user table and it’s code here
public function generateAuthKey()
{
$this->auth_key = Yii::$app->security->generateRandomString();
}
public function validateAuthKey($authKey)
{
return $this->getAuthKey() === $authKey;
}
public function getAuthKey()
{
return $this->auth_key;
}
but i have problem , it’s if a user login in site and i go to the user table and change the auth_key field , and now if user refresh the page it must be throw out the site because it’s auth key is changed , but the user stay login in site , where is problem ?
I want to terminate user that login using one username , I save session in mongodb and delete session and change auth_key in mysql user table , and that user throw site out.But have problem , when I change auth key all those users who checked remember me , throw site logged out , I store auth_key in session db mongodb to have auth_key per each user ,and id change getAuthKey in model user to get from mongodb but I have problem is every time I refresh page the auth key is changed.
The following is my code .When I remove session record from mongodb , and refresh page the user still login and create new record for user in mongodb this is my code: