Yii2 Advanced app, different sessions for frontend and backend - session

I'm trying to set up a Yii2 advanced project. For this I used kartik-v's advanced app template. It works fine but (as He just mentioned here) if you log into the frontend and then go to backend you'll be logged in as well. So I would like to separate the frontend and backend logins (different sessions). I tried to configure the identity cookies but It didn't work. In the comments I found this: "Still, when either frontend or backend is signed in and we open the other, it shows automatically signed in because the session cookie is same, PHPSESSID."
So I changed the name and the savePath of the sessions in the config of frontend and the backend. With this it should work, but It doesnt. I got an 500 internal server error every time I go to my page. And if I try to log in, it just doesnt work, it redirects me but does not log me in. I found out that If I dont set the savePath I dont get the error but still nothing happens. And If check in the 'remember me' option I get the error message but the login works.. So I dont know what to do now. My main config files:
backend:
'components' => [
'session' => [
'name' => 'backend_sessid',
'savePath' => __DIR__ . '/../tmp',
],
'user' => [
'identityClass' => 'common\models\User',
'enableAutoLogin' => true,
'identityCookie' => [
'name' => '_backendUser',
'path' => '/projectname/backend/web'
]
],
frontend:
'components' => [
'session' => [
'name' => 'frontend_sessid',
'savePath' => __DIR__ . '/../tmp',
],
'user' => [
'identityClass' => 'common\models\User',
'enableAutoLogin' => true,
'identityCookie' => [
'name' => '_frontendUser',
'path' => '/projectname'
]
],

One approach would be to use the Role Based Access Control described here: http://www.yiiframework.com/doc-2.0/guide-security-authorization.html
This way, you would set different roles for frontend users and backend users. If a user with different privileges tried to access the wrong site area, you could log him out and redirect him to the login page.

Related

How can I solve redirect error of Laravel Socialite?

I installed socialite to laravel project? But I have to change redirect url of google. Even though I changed url from google console and defined new client Id, client secret and url at config/services.php, I have problem when login with google that redirecting me to old url. What can be cause this error? We also clear the cache, but problem continues.. If you give me an idea, I will very appreciated.
return [
....
'google' => [
'client_id' => 'app id',
'client_secret' => 'add secret',
'redirect' => 'https://.../auth/google/callback',
],
]

How to configure Laravel to use PhpRedis?

PHP 7.3
Laravel 5.8
Until now I was using Predis for my cache in the Laravel project. Now I want to switch to PhpRedis. I've read it's really simple (just config changes), but I have a lot of problems. I don't know what to begin with, so I'll write all what I know.
My hosting provider claims that PhpRedis is enabled.
The code below executed in a controller (Predis is set) works fine - I receive the set value.
$redis = new \Redis();
$redis->connect( 'socket path', 0 );
$redis->set('test', 'testValue');
print_r( $redis->get('test') );
However, the same code in the raw PHP file executed via SSH returns "Uncaught Error: Class 'Redis' not found in..."
Let's go to changes in config/database.php. Here is my configuration:
'redis' => [
'client' => env('REDIS_CLIENT', 'predis'/*'phpredis'*/),
'cluster' => true,
'options' => [
'cluster' => env('REDIS_CLUSTER', 'predis'/*'redis'*/),
'prefix' => Str::slug(env('APP_NAME'), '_').'_',
'parameters' => ['password' => env('REDIS_PASSWORD', null)],
],
'default' => [
'scheme' => 'unix',
'path' => env('REDIS_HOST'),
'host' => env('REDIS_HOST'),
'password' => env('REDIS_PASSWORD'),
'port' => env('REDIS_PORT'),
'database' => env('REDIS_CACHE_DB', 0)
],
(...) // other
],
When I change values to these in comments, my website shows just a blank page - any errors in the mailbox.
Furthermore, when I run for example "php73 artisan config:clear" in the SSH, console returns "Please remove or rename the Redis facade alias in your "app" configuration file in order to avoid collision with the PHP Redis extension." in the Illuminate/Redis/Connectors/PhpRedisConnector.php.
When I change the alias in config/app.php from "Redis" to "RedisManager" and try again it returns
Uncaught Error: Class 'Redis' not found in /path/vendor/laravel/framework/src/Illuminate/Redis/Connectors/PhpRedisConnector.php:70.
What's going on? How to set Laravel's configuration to use PhpRedis? Maybe it's my hosting provider issue? Thanks in advance for every advice.
If I missed some important code, give me a sign - I will add it.
The PHPRedis libraries are not installed by default in a shared hosting environment, and are generally not part of a PHP installation by default. You would have to ask your host to install these libraries within their shared hosting platform.

Laravel Voyager redirect to other page after login

I just started using Laravel and learning. I would like to redirect users to a custom section create through the BREAD.
In Voyager Controller, I see there is this function return Voyager::view('voyager::index');
I want to redirect to the page /admin/members
How can I achieve this? I tried to search around but can't find the solution. Hope someone can help with this. Thank you
I solved this problem by updating the user's configuration in config/voyager.php (Laravel config directory). Edit below configurations (redirect index)
'user' => [
'add_default_role_on_register' => true,
'default_role' => 'user',
'default_avatar' => 'users/default.png',
'redirect' => '/admin',
],
to
'user' => [
'add_default_role_on_register' => true,
'default_role' => 'user',
'default_avatar' => 'users/default.png',
'redirect' => '/admin/members',
],

Laravel Socialite "Facebook" The parameter app_id is required

So I am having the same problem as this user here : Laravel Socialite Facebook Login Error: The parameter app_id is required
and I have followed the solution give to this user. but I still get the same error.
even tried changing clinet_id to app_id.. nothing has changed the same error
The parameter app_id is required
'facebook' => [
'client_id' => 'hidden', //Facebook App Client ID
'client_secret' => 'hidden', // Your Facebook App Client Secret
'redirect' => 'http://localhost:8000/login/facebook/callback', // Your application route used to redirect users back to your app after authentication
],
route:
Route::get('login/facebook', 'Auth\LoginController#redirectToProvider');
Route::get('login/facebook/callback', 'Auth\LoginController#handleProviderCallback');
I cant see whats wrong here. added everything. from the documentation. in service the facade. what can be my mistake here? I feel its fairly obvious but I cant see it
you have to set app id, secret and call back url in config file so open config/services.php and .env file then set id and secret this way:
'facebook' => [
'client_id' => env('FACEBOOK_CLIENT_ID'),
'client_secret' => env('FACEBOOK_CLIENT_SECRET'),
'redirect' => env('FACEBOOK_CALLBACK_URL'),
],
.env
FACEBOOK_CLIENT_ID=xxxxxxxxx
FACEBOOK_CLIENT_SECRET=xxxxxxx
FACEBOOK_CALLBACK_URL=http://localhost:8000/login/facebook/callback
After completion of .env edit please enter this command in your terminal for clear cache:php artisan config:cache

yii2 frontend and backend uses different sessions

Despite I did not separate sessions of frontend and backend apps on config files of those apps using session => ... option, my apps uses different sessions and when I login one of them then the other one is logouts. I could not find the source of problem. I want them using same session. What can be the problem?
Try this one
Add session in frontend->config->main.php
'components' => [
'session' => [
'name' => 'PHPFRONTSESSID',
'savePath' => sys_get_temp_dir(),
],
]
same in backend->config->main.php
'components' => [
'session' => [
'name' => 'PHPBACKSESSID',
'savePath' => sys_get_temp_dir(),
],
]

Resources