Posts Tagged with UserIdentity

Displaying 1-2 of 2 results.
Wiki: Yii 1.1 Аутентификация и авторизация. Authentication and authorization. UserIdentitywiki
posted by admin on March 24, 2016
1. Определение класса Identity. Defining Class Identity
Edit your components/UserIdentity.php

class UserIdentity extends CUserIdentity
{
private $_id;
public function authenticate()
{
$record=User::model()->findByAttributes(array('username'=>$this->username));
if($record===null)
$this->errorCode=self::ERROR_USERNAME_INVALID;
else if(!CPasswordHelper::verifyPassword($this->password,$record->password))
$this->errorCode=self::ERROR_PASSWORD_INVALID;
else
{
$this->_id=$record->id;
$this->setState('title', $record->title);
$this->errorCode=self::ERROR_NONE;
}
return !$this->errorCode;
}

public function getId()
{
return $this->_id;
}
}


2. controllers/SiteController.php, add

class SiteController extends Controller
{
...
public function filters()
{
return array(
'accessControl',
);
}
...
}


3.Check models/LoginForm.php

<?php

/**
* LoginForm class.
* LoginForm is the data structure for keeping
* user login form data. It is used by the 'login' action of 'SiteController'.
*/
class LoginForm extends CFormModel
{
public $username;
public $password;
public $rememberMe;

private $_identity;

/**
* Declares the validation rules.
* The rules state that username and password are required,
* and password needs to be authenticated.
*/
public function rules()
{
return array(
// username and password are required
array('username, password', 'required'),
// rememberMe needs to be a boolean
array('rememberMe', 'boolean'),
// password needs to be authenticated
array('password', 'authenticate'),
);
}

/**
* Declares attribute labels.
*/
public function attributeLabels()
{
return array(
'rememberMe'=>'Remember me next time',
);
}

/**
* Authenticates the password.
* This is the 'authenticate' validator as declared in rules().
*/
public function authenticate($attribute,$params)
{
if(!$this->hasErrors())
{
$this->_identity=new UserIdentity($this->username,$this->password);
if(!$this->_identity->authenticate())
$this->addError('password','Incorrect username or password.');
}
}

/**
* Logs in the user using the given username and password in the model.
* @return boolean whether login is successful
*/
public function login()
{
if($this->_identity===null)
{
$this->_identity=new UserIdentity($this->username,$this->password);
$this->_identity->authenticate();
}
if($this->_identity->errorCode===UserIdentity::ERROR_NONE)
{
$duration=$this->rememberMe ? 3600*24*30 : 0; // 30 days
Yii::app()->user->login($this->_identity,$duration);
return true;
}
else
return false;
}
}


4. Create models/User.php
4.1. Activate GII module
Go to config/main.php and uncomment the following rows

'gii'=>array(
'class'=>'system.gii.GiiModule',
'password'=>'o55is88oois',
// If removed, Gii defaults to localhost only. Edit carefully to taste.
'ipFilters'=>array('127.0.0.1','::1'),
),


4.2. Go to GII module

http://avaim.ru/index.php?r=gii


4.3. Generate your User.php model, from your users table

4.4. Add to User.php

public function validatePassword($password)
{
return CPasswordHelper::verifyPassword($password,$this->password);
}

public function hashPassword($password)
{
return CPasswordHelper::hashPassword($password);
}


5. Insert user to your users table and enjoy
For example, insert into your users table row
Username: admin
Password HASH: $2y$13$imm.m0q9qN/IrWF4AtmH4ejHyS3d.ElmkayY3vQ69DTApgEY4ne36

6. Login to your website
Go to your_website/index.php?r=site/login and login
Username: admin
Password HASH: 123

Enjoy ;)Read more
Wiki: Yii 1.1: More information to Yii::app() user - id, userrole etc.wiki
posted by admin on March 2, 2016
By default, the expression Yii::app()->user returns a CWebUser application component which represents the information that are closely related with the current user. Some information can be persistent throughout the current user session. For example, CWebUser already comes with a name property that stores the username of the current user.

In order to store more information, we need to modify the identity class used together with CWebUser. Each application may have one or several identity classes which are mainly responsible to provide ways of performing user authentication.

Here we use the UserIdentity class included in the testdrive application as an example, assuming our goal is to add the ID and the last login time of the user to CWebUser. We would modify UserIdentity as follows,


class UserIdentity extends CUserIdentity
{
private $_id;

public function authenticate()
{
$user=User::model()->findByAttributes(array('username'=>$this->username));
if($user===null)
$this->errorCode=self::ERROR_USERNAME_INVALID;
else if($user->password!==md5($this->password))
$this->errorCode=self::ERROR_PASSWORD_INVALID;
else
{
$this->_id=$user->id;
$this->setState('userrole', $user->userrole_id);
$this->errorCode=self::ERROR_NONE;
}
return !$this->errorCode;
}

public function getId()
{
return $this->_id;
}
}


In the above, during authentication we retrieve the ID and the last login time information of the authenticated user. We save the ID in a private variable $_id and save lastLoginTime in a state by calling setState(). The reason that we use different approaches to save id and lastLoginTime is because id is a pre-defined property that is recognized by CWebUser. If we want to store more information, we should use setState(), like we do with lastLoginTime.

We also override the getId() method to return the private variable $_id. The parent implementation is to return the username.

That's all we need. Now if we want to retrieve the id or lastLoginTime information in our code, we can do the following:

$id=Yii::app()->user->id;
$userrole=Yii::app()->user->userrole;
Read more