I have two Yii projects, where second is a fork of first one. I noticed, that if I open both of them in the same time in two browser tabs, login in both apps and then log out in one of them, I’m immediately logged out of second one as well.
Is this a normal situation (Yii design feature – i.e. it uses non-unique cookie for storing login state) or does this seems, that I made some mistake, when doing fork, and such thing should not happen at all?
it is only possible when both apps are in same domain (session cookie and session itself are shared). Every application has its own "stateKeyPrefix", so they do not interfere during normal work. But when you call Yii::app()->user->logout() by default session is destroyed:
this is why you are logged out also in second app. To prevent this behavior - call logout( false ) in both apps and it should destroy only user data specific to current app.
Red, you’re most certainly right, that all apps are in the same domain, and this domain is called… localhost! :]
So, yeah – this shouldn’t happen on production server (each Yii application deployed to its own subdomain or even domain), but I think, that precautions are never to big (unless they fall into Premature optimization is the beginning of all hell coding rule! :])
Solution to this problem is, however quite simplier, than you proposed and requires to set unique sessionName – one have to set