This is as an extension of this wiki by Kartik V which shows to make different enableAutoLogin cookies for frontend and backend.
This is as an extension of this wiki by Kartik V which shows to make different enableAutoLogin cookies for frontend and backend.
Your need: You require that for shared machines, the user is authenticated again for a backend access again, if someone is logged in from frontend and vice versa.
I am writing this guide because I struggled to find a resource that included ALL of the necessary steps to completely separate the frontend from the backend. After reading guides like Configuring different sessions for backend and frontend in yii-advanced-app and [yii2 configuring d...
JWT is short for JSON Web Token. It is used eg. instead of sessions to maintain a login in a browser that is talking to an API - since browser sessions are vulnerable to CSRF security issues. JWT is also less complicated than setting up an OAuth authentication mechanism.