I use advanced template and I can successfully session timeout in 15 minutes but it doesn't depends on activity, so even user active in website after login he will be logout after 15 minutes.
I know the idea I should put trigger to increase timeout in SiteController, but don't know how to implement it.
So far here is my code
backend\config\main.php
'user' => [
'identityClass' => 'common\models\User',
'enableAutoLogin' => false,
'authTimeout' => 900
],
'session' => [
'class' => 'yii\web\Session',
'cookieparams' => ['httponly' => true, 'lifetime' => 900],
'timeout' => 900,
'useCookies' => true,
],
frontend\config\main.php
'user' => [
'identityClass' => 'common\models\UserCustomer',
'enableAutoLogin' => false,
//'enableSession' => true,
'authTimeout' => 900,
],
'session' => [
'class' => 'yii\web\Session',
'cookieparams' => ['httponly' => true, 'lifetime' => 900],
'timeout' => 900,
'useCookies' => true,
],
What should I do now? so I can implement session timeout if no activity in 15 minutes.
Thanks in advance.
I believe your problem is different and there is a better solution than putting a trigger in your controller.
Most probably you are not setting a duration for http://www.yiiframework.com/doc-2.0/yii-web-user.html#login()-detail. Search for the line where you login the user. Probably something like:
Yii::$app->user->login($this->getUser());
change to
Yii::$app->user->login($this->getUser(), 900);
There are also several reasons this might not be working, but this is the most obvious.
Related
How to completely disable auto-logout?
My current config in web.php:
'user' => [
'identityClass' => 'app\models\AdminUser',
'enableSession' => true,
'authTimeout' => 18000
]
I also tried this, but it didn't work (auto logged me out after 60 seconds):
'user' => [
'identityClass' => 'app\models\AdminUser',
'enableAutoLogin' => false,
'authTimeout' => 60
]
I don't want a user to logout after anytime he is inactive.
I can not find the answer here http://www.yiiframework.com/doc-2.0/yii-web-user.html
Just comment the line with 'autoTimeout'
'user' => [
'identityClass' => 'app\models\AdminUser',
'enableAutoLogin' => false,
//'authTimeout' => 60
]
Enable cookie-based login, cause session has a limited time and expired fast.
'user' => [
'identityClass' => 'app\models\AdminUser',
// this will allow to store auth info in cookie
'enableAutoLogin' => true
]
yii\web\User::login() method has attribute $duration
Yii::$app->user->login($identity, 60*60*24*365*10); // 10 years
The login authTimeout is set to two hours but the system logout itself after 30 minutes if the system is idle. Any idea why that happened?
'components' => [
'user' => [
'identityClass' => 'app\models\User',
'enableAutoLogin' => false,
'authTimeout' => 7200,
'enableSession' => true,
],
]
Probably this is related to session timeout. Usual default value is about ~30 minutes, so session will expire before authTimeout takes effect. You need to adjust Session::$timeout value in your config:
'session' => [
'timeout' => 7200, // or greater
],
I've upgraded my CakePHP app from 3.5.2 to 3.6.7. My email functionality no longer works in the new version.
The email transport in config/app.php is:
'EmailTransport' => [
'default' => [
'className' => 'Smtp',
'host' => 'smtp.gmail.com',
'port' => 587,
'timeout' => 30,
'username' => 'user#domain.com',
'password' => 'secret',
'client' => null,
'context' => [
'ssl' => [
'verify_peer' => false,
'verify_peer_name' => false,
'allow_self_signed' => true
]
],
'tls' => true,
],
],
And, the email sending code is:
$email = new Email('default');
$email->addTo($user['email'], $user['fullname']);
$email->viewVars([
'messagebody' => 'Hello, I am the message body of the email',
]);
$email->setTemplate('mytemplate','mylayout')
->emailFormat('html')
->setFrom(['sender#domain.com' => __('Sender Name')])
->setSubject(__('Welcome Email'))
->helpers(['Html'])
->send();
This works perfectly in 3.5.2. However, in 3.6.7, I get an error as follows:
Notice (8): Undefined index: debugKitLog [ROOT\vendor\cakephp\debug_kit\src\Mailer\Transport\DebugKitTransport.php, line 37]
The context of the notice is:
$config = [
'host' => 'smtp.gmail.com',
'port' => (int) 587,
'timeout' => (int) 30,
'username' => 'user#domain.com',
'password' => 'secret',
'client' => null,
'context' => [
'ssl' => [
'verify_peer' => false,
'verify_peer_name' => false,
'allow_self_signed' => true
]
],
'tls' => true
]
$originalTransport = null
Note, the same error occurs when using the Debug Kit's mail preview. Again, in 3.5.2 there are no errors, and emails send correctly. The errors only occur in 3.6.7.
Can anyone advise how to solve this? And what changed in recent versions of CakePHP to cause it?
Thanks in advance for any help or advice.
DBZ
Fixed the issue... was related to loading the debugkit plugin improperly in config/bootstrap.php
I am using below code to auto logout after some time interval
'session' => [
'timeout' => 10,
],
'user' => [
'identityClass' => 'common\models\User',
'enableAutoLogin' => false,
'authTimeout' => 10,
],
It logged out successfully
but did not redirect to login page
how to do that?
You can use behaviors for actions.
public function behaviors()
{
return [
'access' => [
'class' => AccessControl::className(),
'only' => ['index', 'logout','view','create','update','delete'],
'rules' => [
[
'actions' => ['index', 'logout','view','create','update','delete'],
'allow' => true,
'roles' => ['#'],
],
],
],
];
}
So user is not logged in it will redirect to login url. You can also set login url
'session' => [
'timeout' => 10,
],
'user' => [
'identityClass' => 'common\models\User',
'enableAutoLogin' => false,
'authTimeout' => 10,
'loginUrl' => 'admin/default/login' // set your login path here
],
OR You can use beforeAction method to check that user is logged in or not and send user to login page.
public function beforeAction($action){
if (Yii::$app->user->isGuest){
return $this->redirect(['site/login'])->send(); // login path
}
}
I have session configuration as follows
'user' => [
'identityClass' => 'common\models\LoginForm',
'enableAutoLogin' => false,
'loginUrl' => ['/login'],
'identityCookie' => [
'name' => '_OwnerUser', // unique for frontend
],
'authTimeout' => 1800,
],
'session' => [
'name' => 'PHPOWNERSESSID',
'savePath' => sys_get_temp_dir(),
'timeout'=> 1800
],
What I want to do is keep user logged in for 3 days, I have gone through the SO. In which way I can implement this?
Is it necessary to use cookies for storing session? if yes then how?
I want to implement it in my existing project which is in production and I have not used cookie for login purpose