Session shared between two Phalcon applications

Question

Session shared between two Phalcon applications

sn0opr May '14

Created May '14	Last Reply May '14	Replies 2	Views 1272	Votes 2

sn0opr 22.8k

May '14

I have two Phalcon projects on my WAMP Server in the www folder:

/www/app1

/www/app2

I'm using the phalcon session bag service to manage users session I used the same service name in these two apps:

//same code for the app1 and app2
$dependencyInjector->set('userSession', function(){

    return new \Phalcon\Session\Bag('user');

});

But It seems that this session is shared between these two apps. When I login with the app1, I found myself logged in the app2 !

Is that a bug from Phalcon or because it's the same domain name (https://localhost) so the browser use the same cookie/session ?

2

Dylan Anderson · Answer 1 · 2014-05-20T08:33:00-07:00

You're using the same namepsace for both applications, so of course the session will be shared. If you want the session data to be separate, use a different bag namespace.

jymboche · Answer 2 · 2014-05-20T12:56:37-07:00

Yes, its because you are using the same domain. You have a cookie in your browser that specifies the session id. Cookies have a domain parameter and you can also specify a cookie to share a domain by using .mysite.com instead of mysite.com. But yes you will (should) only have one session id for all apps on localhost. See here:

https://www.php.net/manual/en/function.session-set-cookie-params.php