本文介绍了CakePHP 保持从主域到子域的会话的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在使用 Cakephp,但在跨子域维护会话时遇到了问题.我的问题如下:

  • 用户登录'localhost/login'
  • 如果通过身份验证,它们将被重定向到customer.localhost/home".

目前 Cake 正在为每个域创建一个 cookie,即 localhost 和 customer.localhost.这意味着我无法让会话为用户工作.有没有办法将所有 cookie 域固定到父域,以保持会话跨子域工作?

我尝试在引导程序中输入此内容,但没有效果:ini_set('session.cookie_domain', '.localhost');

如果您认为这无法完成,请随时告诉我,以便我可以解决这个令人沮丧的问题.

非常感谢,

kSeudo

解决方案

Sessions (CakePHP 2.x):

要使会话 cookie 对您的所有子域和顶级域有效,您实际上需要在 APP/config/bootstrap.php 文件中自行设置:

ini_set('session.cookie_domain', '.domain.com');

然后,在您的 APP/config/core.php 文件中,将 Security 设置为低:

Configure::write('Security.level', 'low');

"否则referer_check将被设置为当前的HTTP_HOSTCakeSession 对象第 441 行."

会话(CakePHP 3.x)

会话 cookie 路径默认为应用程序的基本路径.要改变这个您可以使用 session.cookie_path ini 值.例如,如果你想要您的会话在您可以执行的所有子域中保持不变:

Configure::write('Session', ['默认' =>'php','ini' =>['session.cookie_path' =>'/','session.cookie_domain' =>'.yourdomain.com']]);

Cookies (CakePHP 2.x):

此页面上,它说明您可以使用域"变量:

允许访问cookie的域名.例如使用.yourdomain.com"允许从您的所有子域访问.

根据他们的示例代码:

name = 'baker_id';$this->Cookie->time = 3600;//或 '1 小时'$this->Cookie->path = '/bakers/preferences/';$this->Cookie->domain = 'example.com';$this->Cookie->secure = true;//即仅在使用安全 HTTPS 时发送$this->Cookie->key = 'qSI232qs*&sXOw!';$this->Cookie->httpOnly = true;}

Cookies (CakePHP 3.x):

阅读此处.

cookie 可用的域.使 cookie 可用在 example.com 的所有子域上将域设置为.example.com".

I am working with Cakephp and I have an issue maintaining session across subdomains. My problem is as follows:

  • Users login on 'localhost/login'
  • If authenticated they are redirected to 'customer.localhost/home'.

Currently Cake is creating a cookie for each domain ie localhost and customer.localhost.This means that I cannot keep the session working for the user. Is there a way to make all cookies domain fixed to the parent domain with the goal of keeping the session working across subdomains?

I have tried entering this in my bootstrap but it has no effect:ini_set('session.cookie_domain', '.localhost');

If you think this cannot be done please feel free to let me know so that I can move on from this frustrating problem.

Many thanks,

kSeudo

解决方案

Sessions (CakePHP 2.x):

To make the session cookie valid for all your subdomains and the top level domain, you actually need to set it yourself in your APP/config/bootstrap.php file:

ini_set('session.cookie_domain', '.domain.com');

Then, in your APP/config/core.php file, set Security to low:

Configure::write('Security.level', 'low');

Sessions (CakePHP 3.x)

Configure::write('Session', [
    'defaults' => 'php',
    'ini' => [
        'session.cookie_path' => '/',
        'session.cookie_domain' => '.yourdomain.com'
    ]
]);



Cookies (CakePHP 2.x):

On this page it explains that you can use the 'domain' variable:

Per their example code:

<?php
public $components = array('Cookie');
public function beforeFilter() {
    parent::beforeFilter();
    $this->Cookie->name = 'baker_id';
    $this->Cookie->time =  3600;  // or '1 hour'
    $this->Cookie->path = '/bakers/preferences/';
    $this->Cookie->domain = 'example.com';
    $this->Cookie->secure = true;  // i.e. only sent if using secure HTTPS
    $this->Cookie->key = 'qSI232qs*&sXOw!';
    $this->Cookie->httpOnly = true;
}

Cookies (CakePHP 3.x):

Read here.

这篇关于CakePHP 保持从主域到子域的会话的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-24 18:48