I do , terminate user those login by one user name and have list of user logged in and the user can terminate them .but have some question: I want to know this is a good way ? what are their problem ?
I have two tables , [‘session’, ‘auth_key’]
session: id, user_id, expire, data, agent
auth_key: id, user_id, auth_key, session_id, agent, ip, create_at
NOTice: there isn’t relation between id and session id because I got some error and I cant to update that , and when I remove relation It’s work
this is my session config in web.php to save the session in db
'session' => [
'class' => 'yii\web\DbSession',
'timeout' => 100,
'writeCallback' => function($session)
{
return [
'user_id' => Yii::$app->user->id,
'agent' => Yii::$app->request->getUserAgent(),
'ip' => Yii::$app->request->getUserIP(),
];
}
],
and I save separate auth_key for each user in new table
this is my scenario to detect user : in this part I check If user did’nt have auth_key I create new auth key for him, If the user have auth_key but his session is seprate from auth_key table session filed I update session field in auth_key table (this is for those user come when the close their browser )
public function getAuthKey()
{
if (($authKey = $this->getIdentityCookie()) == null)
{
if (!Yii::$app->user->getIsGuest())
{
$authKey = $this->setNewAuthKey();
}
}
elseif($this->authKeyRecord->session_id != Yii::$app->getSession()->getId())
{
AuthKey::updateAll(['session_id' => Yii::$app->session->getId()],['id' => $this->authKeyRecord->id]);
}
return $authKey;
}
and this is for check if the user have Identity cookie or not :
public function getIdentityCookie()
{
$authKey = null;
if(Yii::$app->request->cookies->has('_identity')) {
$data = json_decode(Yii::$app->request->cookies->getValue('_identity'), true);
if (count($data) == 3) {
list ($id, $authKey, $duration) = $data;
} else {
return null;
}
if($authKey != null)
{
if(($model = AuthKey::findOne(['auth_key' => $authKey])) != null){
$this->authKeyRecord = $model;
return $model->auth_key;
} else {
$this->authKeyRecord = null;
return null;
}
}
else
{
return null;
}
}
else{
return null;
}
}
and this is for create new "auth_key" in auth_key table
public function setNewAuthKey()
{
$model = new AuthKey();
$model->user_id = Yii::$app->user->id;
$model->auth_key = Yii::$app->security->generateRandomString();
$model->session_id = Yii::$app->session->id;
$model->agent = Yii::$app->request->userAgent;
$model->ip = Yii::$app->request->userIP;
$model->create_at = time();
return $model->save() ? $model->auth_key : null;
}