Started a new “basic” application in Yii 2.0. Tried to move users to database by copying elements from “advanced” application template. Login works fine, and I can see cookies saved. Auto-login (using cookies I assume) work fine too. But Logout fails to error 400. It seems that it’s all due to csrf validation failure. In the yii\web\Requst.php it’s mentioned that “to use this feature (csrf validation) forms submitted via POST method must contain a hidden input whose name is specified by [[csrfParam]]. You may use [[\yii\helpers\Html::beginForm()]] to generate his hidden input.” Logout seems to use POST method, but I don’t know how to pass the csrf token, or the hidden input containing it, to be validated.
I have to add that using original admin/demo users embeded in app\models\User.php (users defined in php file) login/logout was done correctly.
Is there any guide for authentication users with database?