Wiki articles in category How-tos tagged with "CSRF"

Showing 1-3 of 3 items.

[Guide] How to actually separate Frontend (User) and Backend (Admin) on Yii2 Advanced

Created 8 years ago by Wade Shuler, updated 8 years ago by samdark.
8 comments

I am writing this guide because I struggled to find a resource that included ALL of the necessary steps to completely separate the frontend from the backend. After reading guides like Configuring different sessions for backend and frontend in yii-advanced-app and [yii2 configuring d...

9 1
18 followers
Viewed: 119 717 times
Version: 2.0
Category: How-tos
Tags: admin, advanced, app, auth, autologin, backend, cache, cookie, CSRF, different, domain, frontend, login, member, request, separate, session, system, temp, user, yii2

Checking for "expired" sessions/logins on the client side

Created 10 years ago by le_top, updated 9 years ago by le_top.
0 comments

Getting "Expired token" errors ? Here is a solution to avoid invalid CSRF on POST or ajax requests, or user identity changes.

4 0
12 followers
Viewed: 35 334 times
Version: 1.1
Category: How-tos
Tags: allowAutoLogin, Cache-Control, cookie, CSRF, login, security, session, user auth, UserIdentity

How to validate CSRF token with session

Created 12 years ago by yangmls, updated 12 years ago by yangmls.
7 comments

First of all, You must change component config to enable the default Yii CSRF validation.

21 0
27 followers
Viewed: 100 305 times
Version: 1.1
Category: How-tos
Tags: CSRF, session