How to solve the problem of coexistence of cross-domain names under session YII2

This article mainly introduces the Yii2 next session cross-domain coexistence solution, the content is very good, and now share to everyone, but also for everyone to do a reference.

Before the session related configuration, in the development, often need to cross-domain common session is the login module, I believe that many development of friends have encountered, only need a place to log in, the associated site is also in the status of login. Two cases: one 9streets.cn and a.9streets.cn, the other is between the A.com B.Com, which summarizes the processing method these days.

Whether it's a one or two-level domain name, or a cross-domain under a different domain name, there are two points to be reached:

• The client accesses the same SessionID,
  

• All domain names corresponding to the server access session data must be in the same location.
  

1. Access to common SessionID is mainly by writing the current SessionID into the cookie

Cookies are not accessible under different domain names, we need to set up in the background when the user log in, the need to share the login information domain name, if it is in 1, 2 domain name, directly set the cookie as the host domain name, for example:

Setcookie ("session_id", session_id (), Time () +3600*24*365*10, "/", ". a.com");

Perhaps you would ask: what if it is in a different domain? Using P3P technology Simple solution, the implementation of the principle, when visiting the site x.com, y.com program trigger y.com file Write SessionID value, SessionID value can be obtained, and then put the Seesion value into the database, the same SessionID value can be. This requires the y.com inside the program files must be able to cross-domain access, by default, the browser can not set the cookie across the domain, plus P3P header after the line. In the corresponding PHP file plus:header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');

2.session Data storage location Consistent implementation method

Session This data is stored in the server's TMP file by default, in the form of a file, rather than in the memory of the server, where we have to modify the way it is accessible under all domains. On-line introduction of database storage, file form storage, memory storage, if the database stored session data, the site access is very large, the SESSION read and write will be frequently on the database operation, efficiency will be significantly reduced, you can consider the existence of memory server to achieve, The following Session.rar describes an example of a data inventory session.

Under Yii2 to deal with this problem, according to the online search of the final configuration of the tutorial successful tutorial as follows:

Configure in main.php in frontend config folder

$host = Explode ('. ', $_server["Http_host"]), if (count ($host) > 2) {  define (' DOMAIN ', $host [1]. '.' . $host [2]);} else {  define (' DOMAIN ', $host [0]. '.' . $host [1]);} Define (' Domain_home ', ' www. '). DOMAIN);d efine (' Domain_user_center ', ' man. '). DOMAIN);d efine (' Domain_api ', ' API. '). DOMAIN);d efine (' domain_email ', ' mail. '). DOMAIN);d efine (' Domain_login ', ' LOGIN. '). DOMAIN);d efine (' domain_img ', ' IMG. '). DOMAIN);

Then configure user and Session:

' User ' = [  ' enableautologin ' = ' = ',  ' identitycookie ' = ' = ' ' name ' = ' _identity ', ' httponly ' and ' = t Rue, ' domain ' = '. '. Domain], ' session ' = [  ' cookieparams ' and ' = ' domain ' = '. DOMAIN, ' lifetime ' = 0],  ' timeout ' = 3600,],

Here in the user and session of the configuration item I wrote the domain dead, for example: ' domain ' = '. Baidu.com ', so you don't have to judge.

The above is the whole content of this article, I hope that everyone's learning has helped, more relevant content please pay attention to topic.alibabacloud.com!