I am developing a new Yii-powered site. It’s based on the Basic app with the default User logging in and out. In the config, I have enabled the enableAutoLogin option, hence it’s set to true:
'user' => [
'identityClass' => 'app\models\User',
'loginUrl' => ['site/login'],
'enableAutoLogin' => true,
],
The logout button is the default one from the Navbar, with POST request and VerbFilter in the controller. I noticed today that the logout button is not working anymore in IE. It works normally in Firefox, Chrome and Opera.
I’m using the default logout action:
public function actionLogout()
{
Yii::$app->user->logout();
return $this->goHome();
}
I have verified by echoing/exiting the Session details, that the session is indeed destroyed. However, upon redirect to Home (site/index as by default), the user will be immediately logged back in with a restored Session. In Firefox, Chrome and Opera, the user is redirected to the login page (site/login) and the Session is not restored. This is what one would expect; one logs in automatically for as long as one does not logout.
When I disable the enableAutoLogin option to false, the logout button works as intended. The Session is destroyed and not restored, in all mentioned browsers.
I also tried unsetting cookies, but to no avail. Upon the redirect after logout, it logs back in immediately.
To my experience, this behavior is of a recent nature. I have tried logging in and out before and, as far as I can remember, that worked fine also in IE 11. I’m on Yii 2.0.12, and I’m updating regularly to keep up.
Anyone else having this experience with IE 11? Is it a Yii-thing or is it an IE-thing? Any suggestions to do about it?
(Please: don’t comment on the use of IE; the company it’s intended for is using it and they’re stuck to it.)