Hey
I have a dev site front ended by NGINX on localhost, and a staging site on external site, front ended by NGINX as well.
This action allows a user to impersonate another user.
public function actionImpersonate($id)
{
$user = $this->findModel($id);
if ($user) {
$data = ['id' => Yii::$app->user->id, 'name' => Yii::$app->user->identity->getFullName()];
Yii::$app->session->set('impersonation_user',$data);
Yii::$app->user->login($user, 3600 * 24 * 30);
return $this->redirect('/');
}
else
{
return $this->redirect('/user');
}
}
On the redirect, session(‘impersonation_user’) stays set on localhost, not on staging server.
Looking through debug logs the only difference in the log for processing / after the redirect is:
16 19:58:22.259 info yii\web\User::loginByCookie User ‘3’ logged in from 202.37.179.5 via cookie.
I traced this to web/User.php: function renewAuthStatus
It appears that the isGuest returns true on staging server, and false on local server, and therefore on staging loginByCookie() is called.
I inspected Request -> Headers -> Response Headers and on localhost a Set-Cookie for ‘_identity’ cookie is NOT done whereas in staging it is.
Anyone able to help debug the difference between environments.
Both running 2.0.3