Hi all.
I’m going to tell how to provide login mechanism to your sites by using Yii Framework.
Requirements
1) Authentication
Modify protected/components/UserIdentity.php as the following:
class UserIdentity extends CUserIdentity
{
/* ... */
public function authenticate()
{
$user=User::model()->find(array(
'condition'=>'username=:uname',
'params'=>array(':uname'=>$this->username),
));
/**
* NOTE: You should hash your passwords via CPasswordHelper::hashPassword($this->password)
* before saving to DB
*/
if($user && CPasswordHelper::verifyPassword($this->password,$user->password))
$this->errorCode=self::ERROR_NONE;
else
$this->errorCode=self::ERROR_PASSWORD_INVALID;
return !$this->errorCode;
}
/* ... */
}
2) Controllers
2.1) Base controller
Modify protected/components/Controller.php as the following:
class Controller extends CController
{
/* ... */
public function filters()
{
return array('accessControl');
}
public function accessRules()
{
return array(
array('allow','users'=>array('@')),
array('deny','users'=>array('?'))
);
}
/* ... */
}
2.2) SiteController
Modify protected/controllers/SiteController.php as the following:
class SiteController extends Controller
{
/* ... */
public function accessRules()
{
return array(
array('allow','users'=>array('@')),
array('allow','actions'=>array('login','logout'),'users'=>array('*')),
array('deny','users'=>array('*')),
);
}
/* ... */
}
2.3) Other controllers
You should remove accessRules and filters functions from other controllers.
If you want to use filters in your other controllers, you should use it like the following way:
public function filters()
{
return array_merge(parent::filters(),array(
'postOnly + delete',
));
}
That’s all. Happy coding!