I am writing this guide because I struggled to find a resource that included ALL of the necessary steps to completely separate the frontend from the backend. After reading guides like Configuring different sessions for backend and frontend in yii-advanced-app and [yii2 configuring d...
This is to show you how to use Yii2 flash messages with Kartik Growl (bootstrap notify wrapper).
This is as an extension of this wiki by Kartik V which shows to make different enableAutoLogin cookies for frontend and backend.
Your need: You require that for shared machines, the user is authenticated again for a backend access again, if someone is logged in from frontend and vice versa.
Getting "Expired token" errors ? Here is a solution to avoid invalid CSRF on POST or ajax requests, or user identity changes.
In this mini howto I would like to show how to add a required captcha field in the login form, after a defined number of unsuccessfull attempts. To do this, I will use the blog demo that you have in default Yii download package (path/to/yii/demos/blog).
This solution requires Yii 1.1.9 or above
First of all, You must change component config to enable the default Yii CSRF validation.
This had me stumped for a while so I figured it would be nice to share here to avoid others the grief.