当用户打开网站www.dominname.com
时,我正在使用Yii框架和登录到该站点时,上的身份验证或用户会话数据不相同http://dominname.com
所以用户在打开HTTP时必须再次登录,我如何才能在WWW和HTTP上进行身份验证登录,或者在WWW与HTTP之间共享会话数据。Yii有什么配置可以解决这个问题吗?
如果用户检查rememberMe
,此代码对我有效,否则用户将不会登录有人知道怎么解决这个问题吗?
-
主/配置
'user' => array( // enable cookie-based authentication 'class' => 'WebUser', 'allowAutoLogin' => true, ), 'session' => array( 'savePath' => dirname(__FILE__) . DIRECTORY_SEPARATOR . '../../session', 'cookieMode' => 'allow', 'cookieParams' => array( 'path' => '/', 'domain' => '.domainname.org', 'httpOnly' => true, ), ),
-
组件/WebUser
class WebUser extends CWebUser { public $identityCookie = array( 'path' => '/', 'domain' => '.domainname.org', ); public function init() { $conf = Yii::app()->session->cookieParams; $this->identityCookie = array( 'path' => $conf['path'], 'domain' => $conf['domain'], ); parent::init(); } public function logout($destroySession = true) { if ($this->allowAutoLogin && isset($this->identityCookie['domain'])) { $cookies = Yii::app()->getRequest()->getCookies(); if (null !== ($cookie = $cookies[$this->getStateKeyPrefix()])) { $originalCookie = new CHttpCookie($cookie->name, $cookie->value); $cookie->domain = $this->identityCookie['domain']; $cookies->remove($this->getStateKeyPrefix()); $cookies->add($originalCookie->name, $originalCookie); } } parent::logout($destroySession); } }
除非有理由将www和非www域分开,否则最好将非www域的www重定向到另一个域。此外,它对SEO更好。您可以将其添加到.htaccess文件中:
RewriteEngine On
rewritecond %{http_host} ^yoursite.com
rewriteRule ^(.*) http://www.yoursite.com/$1 [R=301,L]