Hi no matter what i try i keep getting Bad Request on my front end application when i login. I have a setup where my backend is at admin.domain.com and front end is on domain.com. I have tried a simple config with just different cookieValidationKeys, this doesn’t work and i also have the following configs which works on my local computer but not my server, what am i doing wrong!
frontend
'components' => [
'request' => [
// !!! insert a secret key in the following (if it is empty) - this is required by cookie validation
'cookieValidationKey' => 'pOfS75nOJUW9cXxg-JdnaHtpW9npQdGys',
'csrfParam' => '_csrf-frontend',
'csrfCookie' => [
'httpOnly' => true,
],
],
'user' => [
'identityClass' => 'common\models\User',
'enableAutoLogin' => true,
'identityCookie' => [
'name' => '_identity-frontend',
'httpOnly' => true,
],
],
'session' => [
// this is the name of the session cookie used for login on the backend
'name' => 'advanced-frontend',
'cookieParams' => [
'httpOnly' => true,
'path' => '/',
],
],
],
Backend
'components' => [
'request' => [
// !!! insert a secret key in the following (if it is empty) - this is required by cookie validation
'cookieValidationKey' => 'vDnre587vu-XAt_FOmc2K6qvwxxpa0Q0',
'csrfParam' => '_backendCSRF',
'csrfCookie' => [
'httpOnly' => true,
],
],
'user' => [
'identityClass' => 'common\models\User',
'enableAutoLogin' => true,
'identityCookie' => [
'name' => '_backendIdentity',
'httpOnly' => true,
],
],
'session' => [
// this is the name of the session cookie used for login on the backend
'name' => 'PHPBACKSESSID',
'cookieParams' => [
'httpOnly' => true,
'path' => '/',
],
],
],