Setting session data


I have a dev site front ended by NGINX on localhost, and a staging site on external site, front ended by NGINX as well.

This action allows a user to impersonate another user.

    public function actionImpersonate($id)


        $user = $this->findModel($id);

        if ($user) {

            $data = ['id' => Yii::$app->user->id, 'name' => Yii::$app->user->identity->getFullName()];


            Yii::$app->user->login($user, 3600 * 24 * 30);

            return $this->redirect('/');




            return $this->redirect('/user');



On the redirect, session(‘impersonation_user’) stays set on localhost, not on staging server.

Looking through debug logs the only difference in the log for processing / after the redirect is:

16 19:58:22.259 info yii\web\User::loginByCookie User ‘3’ logged in from via cookie.

I traced this to web/User.php: function renewAuthStatus

It appears that the isGuest returns true on staging server, and false on local server, and therefore on staging loginByCookie() is called.

I inspected Request -> Headers -> Response Headers and on localhost a Set-Cookie for ‘_identity’ cookie is NOT done whereas in staging it is.

Anyone able to help debug the difference between environments.

Both running 2.0.3