Geek Answers Handbook

Cakephp multiple applications with the same cake library and shared session

I had an application to launch cakephp as our company's public website, the boss asked me to create another application for managing operations in the office using the same user accounts and their privileges.

On the local development PC, the project is located in D:/wamp/www/blackstone
I just copied D:/wamp/www/blackstone/app and pasted it in the same place, calling it office .

Application folder paths:

 D:/wamp/www/blackstone/app D:/wamp/www/blackstone/office

I have included "isAutorized", "Auth" and "Session" in the "office" appController to prevent login verification. Applications are accessed using the following URLs:

 localhost/blackstone localhost/blackstone/office

I want to access a blackstone session in office . I have yet to find a solution.

I currently have core.php in blackstone like:

 Configure::write('Session', array( 'defaults' => 'cake', 'cookie' => 'my_app', 'timeout' => 500, // 8 hours + 20 min, 'cookie_path' => '/', ) );

core.php in office app like:

 Configure::write('Session', array( 'defaults' => 'cake', 'cookie' => 'my_app', 'timeout' => 500, // 8 hours + 20 min, 'cookie_path' => '../', ) );

and this has led to much larger changes.

What can I try and change?

+4
source share
1 answer

When debugging something like this, it’s best to try to set the simplest, most stupid parameters most error-prone, only to make sure that you can get it to work first and then gradually increase the complexity as to what you want to use in manufacturing (e.g. safer) to see exactly where it might break.

First, make sure to set Security.level = "low" in the core.php file in both applications. Otherwise, the application checks the session referrer (if “medium”) or even regenerates the session identifier (if “high”), which will definitely prevent sharing.

The two difficulty points that I see are "defaults" => "cake" and the corresponding cookie_path values. As the CakePHP manual says , setting this parameter to 'cake' puts the server session cookie in a directory relative to this application.

Instead, you should comment out the cookie_path lines and then set 'defaults' => 'php'. This way, you know that at least PHP will place session cookies in one fixed directory on your development machine.

If you should go back to cake, make sure your cookie_path parameters actually write the server cookie to the same public directory. Actually look at the files that are written to the expected directories when you visit both applications in the browser. If two applications write cookies to different directories, you must correct your cookie_path settings to match, because the applications are not explicitly shared. In addition, depending on your version of CakePHP, you may need to write this parameter as the following, and not as it, for it to take effect: 'ini' => array ('session.cookie_path' => '/ app / dir')

Finally, double-check that the site’s domain, the “cookie path”, and each other session cookie setting are exactly the same. (You can check the cookies on the client side in your Chrome web inspector.) If something is not consistent, the applications will not be able to share.

+1
source

More articles:


All Articles