This is as an extension of this wiki by Kartik V which shows to make different enableAutoLogin cookies for frontend and backend.
What else is needed ¶
That take us in a situation where if either the backend or frontend is already signed in, and we open another window or tab for the other, then it will get automatically signed in..
because session cookie is the same.
So, here we add session component in the backend and frontend configuration file. In addition, we need to make custom folders named 'tmp' (or whatever name suits you) in the backend folder and frontend folder respectively.
Backend Config ¶
'components' => [ 'session' => [ 'name' => 'PHPBACKSESSID', 'savePath' => __DIR__ . '/../tmp', ], ],
Frontend Config ¶
'components' => [ 'session' => [ 'name' => 'PHPFRONTSESSID', 'savePath' => __DIR__ . '/../tmp', ], ],
Now, you can have different sessions for frontend and backend in the same browser.
I use different 'id's for this:
I also have different 'id's:
And here is my session configuration. The commented options were probably used with the standard session implementation (I use the CDbHttpSession).
Adding cookie path
@le_top, thanks, I did not have to use this in Yii 1.1. But for a requirement in new Yii2 project, where the advanced template backend was supposed to be used exclusively for admin purposes, I wanted this situation. Still as per this above wiki, the backend session cookie was found accessible to frontend. So we need to add the path and now that is OK.
If you have any questions, please ask in the forum instead.
Signup or Login in order to comment.