User Is Logged Out After Logging In

Hi again

I have this new issue which I just noticed today. I’m playing around with pages that require authentication and when my user (I have only one in the database) logs in, I’m taken to the home page as expected, but I’m not logged in. I can see this by var dumping the session, as well as Yii:$app->user. Also, it still says Login in the top menu.

I haven’t extended any of the associated classes so it’s really weird. it’s like that session is being unset at some point.

Here is my code (which is pretty much unchanged from the generated advanced template)


// behaviors - access control

'access' => [

                'class' => AccessControl::className(),

                'only' => ['logout', 'register'],

                'rules' => [


                        'actions' => ['register'],

                        'allow' => true,

                        'roles' => ['?'],



                        'actions' => ['logout'],

                        'allow' => true,

                        'roles' => ['@'],




            'verbs' => [

                'class' => VerbFilter::className(),

                'actions' => [

                    'logout' => ['post'],



// actionLogin

public function actionLogin()


        if (!\Yii::$app->user->isGuest) {

            return $this->goHome();


        $model = new LoginForm();

        if ($model->load(Yii::$app->request->post()) && $model->login()) {


            // exit;

            //return $this->goBack();


        } else {

            return $this->render('login', [

                'model' => $model,




As you can see in actionLogin(), I have some commented out debugging code to check if the login actually works. When I uncomment this, I can see that my user logs in, but once I put the comments back on, the login is unset somehow. Anyway, it redirects just fine to site/index so I know it is passing the login. To double check, I have tried putting but data into the login form and it fails with validation errors as expected.

Has anyone got any ideas about this?

I had this issue a while back, but it was really weird.

What happened was that the returnUrl would get set to the logout page, which meant that I would:

log in, get automatically redirected to the logout page, get logged out, and then redirected back to the login page.

So try clearing your cookies and checking that returnUrl.

Hi thanks for getting back. I’m pretty sure I had tried that already but I gave it a go just for sure and I’m still not logging in correctly. I’ve also tried another browser.

It seems as though I’m logging in ok as I get redirected to the index page as expected, but I’m not logged in. When I var dump either $_session or yii::$app->session there is no returnUrl (as I’m only testing index.php and login.php).

Very weird!

Just in case it happens to anyone else, I managed to fix it.

It was of course silly in the end but took me a whole day to figure out! :wacko:

Basically while I was generating all the crud from the database using Gii, I must have inadvertently overwritten the User file. I only found out by installing another copy of the advanced template and comparing every single file. yawn!!

Anyway, my User model was not implementing IdentityInterface. So I can now login again and stay logged in. Yay! :slight_smile: I just don’t remember at all asking Gii to overwrite the original User model. But hey it works again!

Thanks for your suggestions anyway. My head hurts so I need some Yii downtime! -_-

Dammit, this is the exact problem I had when I was regenerating my models using the updated gii version.

I remember it because it specifically checks for instance of IdentityInterface, but does something weird if it isn’t.

Unfortunately I couldn’t remember this, which is why I didn’t mention it.

Thanks for figuring it out!

    // yii2/web/User.php

    public function switchIdentity($identity, $duration = 0)


        $session = Yii::$app->getSession();

        if (!YII_ENV_TEST) {






        if ($identity instanceof IdentityInterface) {

            $session->set($this->idParam, $identity->getId());

            if ($this->authTimeout !== null) {

                $session->set($this->authTimeoutParam, time() + $this->authTimeout);


            if ($duration > 0 && $this->enableAutoLogin) {

                $this->sendIdentityCookie($identity, $duration);


        } elseif ($this->enableAutoLogin) {

            Yii::$app->getResponse()->getCookies()->remove(new Cookie($this->identityCookie));