将 Yii1 CSRF Token 用于 Yii2

Question

I am trying to migrate Yii1 application into Yii2 gradually. Until the whole project migrates Yii1 & Yii2 should work together. To do that what i have done is downloaded the Yii Basic and places it on root directory. Then made changes in Yii1/protected/config/main.php to share session between Yii1 & Yii2.

components => array(
    'session' => array(
        'class' => 'CDbHttpSession',
        'sessionTableName' => 'session',
    ),
    'user' => array(
        'allowAutoLogin' => true,
        'authTimeout' => 3600 * 24 * 30,
        'stateKeyPrefix' => ''
    ),
)

After above change Yii1 & Yii2 shares the same session.

As of now user login through Yii1. So how can i pass the Yii1's CSRF into Yii2? So both application works with the same CSRF token. As of When ever yii2 generates the CSRF, yii1's CSRF got invalid

What i am thing is set Yii1's CSRF into Session and then in Yii2 generates the CSRF using the value from session. But not sure how to achieve that in Yii2?

I have tried below in my global controller in Yii 2.

Yii::$app->getSession()->set(Yii::$app->request->csrfParam,$_SESSION['csrf_token_value']);

So i will have Yii 1's CSRF into Yii2 But not sure how to use that in Yii 2.

Answer 1

i have resolved it by changing the CSRF Param name for Yii2 application and it resolved the issue.

ie

'request' => [
        'cookieValidationKey' => 'XXXXXXXXXXXXXXXXX',
        'enableCsrfValidation' => true,
        'csrfParam' => 'yii2_csrf'
    ],