I just checked it again after waking up - still logged in on localhost, logged out on production.
Edit - just hacked my user component on production to double check.
nano vendor/yiisoft/yii2/web/User.php
...
public function login($identity, $duration = 0) {
var_dump($this->enableAutoLogin);echo $duration;exit;
...
}
// outputs "bool(true) 2592000" when I log in
The "problem" should be in PHP garbage collection.
in localhost you are the only user and PHP session is not cleared out even if you access it 24h later just continued as you ask for the same session on page load. In shared environment PHP session timeout kicks in and you session will be cleared out.
OFC because you are using autologin the session should be automatically restarted and you logged in. Not sure why it’s not happening. You can test in localhost if the same happens. Just open the site in different browser after the PHP session timeout should kick in and then reload the page in main browser.
public function beforeSave($insert)
{
if (parent::beforeSave($insert)) {
if (($this->isNewRecord || $this->getScenario() === 'resetPassword') && !empty($this->password)) {
$this->password_hash = Security::generatePasswordHash($this->password);
}
if ($this->isNewRecord) {
$this->auth_key = Security::generateRandomKey();
}
return true;
}
return false;
}
Here’s the basic template version which kind of just puts that directly into the “database”.
Perhaps a note should be added to make this more clear?
Edit: Yes, this is related to what Renka said. On localhost, session is never cleared so it never needs to call yii\web\User::loginByCookie(), which is where the autologin fails.
