1. Why do I need to add a new user verification:
Because I want to make the website backend and frontend in the same yii application. But the frontend also includes member management Center. The two user verifications are completely different, so two different login pages are needed, and user information must be stored in different cookies or sessions. Therefore, a user verification needs to be added to an application
2.yii user verification:
Before customizing user verification, we must first figure out yii’s verification and authorization methods.
In order to verify a user, we It is necessary to define a verification class with verification logic. In Yii, this class needs to implement the IUserIdentity interface. Different classes can implement different verification methods. Website login generally requires user name and password verification. Yii provides the CUserIdentity class. This class A class generally used to verify usernames and passwords. After inheritance, we need to rewrite the authenticate() method to implement our own verification method. The specific code is as follows:
Php code
Copy code The code is as follows:
class UserIdentity extends CUserIdentity
{
private $_id;
public function authenticate()
$this->errorCode=self::ERROR_USERNAME_INVALID;
else if($record->password!==md5($this->password))
$this->errorCode= Self :: error_password_inValid;
Else
{
$ This-GT; t; );
$this->errorCode=self::ERROR_NONE;
}
return !$this->errorCode; {
return $this->_id;
Copy code
The code is as follows:
// Use the provided username and password to log in to the user
$identity=new UserIdentity($username ,$password);
if($identity->authenticate())
Yii::app()->user->login($identity);
else
echo $ identity->errorMessage; When the user exits, the following code is called:Php code
Copy code
The code is as follows:
// Log out the current user
Yii::app()->user->logout();
where user is yii A component. Need to be defined in protected/config/main.php
Php code Copy code The code is as follows:
'user'=>array(
// enable cookie-based authentication
'allowAutoLogin'=>true,
'loginUrl' => array('site /login'),
),
Here we do not specify the class name of user. Because user is an instance of the CWebUser class by default in yii.
We have now implemented the user Login verification and logout. But now users can access all actions regardless of whether they are logged in, so in the next step we need to authorize user access. In Yii, user authorization is achieved through Access Control Filter, that is, access control filter. We Take a look at a simple Controller with access control:Php code
Copy code
The code is as follows:
class AdminDefaultController extends CController
{
public function filters()
{
return array('accessControl');
}
Public function accessRules()
{ ; array('@'),
'deny',
'users' => array('*')
🎜>
We are in filters method Set a specific filter in. We can see that there is an accessControl parameter in the array returned by the filters method.
There is a filterAccessControl method in the CController class:
Php code
Copy code
The code is as follows:
public function filterAccessControl($filterChain)
{ $filter=new CAccessControlFilter;
$filter-> ;setRules($this->accessRules());
$filter->filter($filterChain); } Create a new CAccessControlFilter instance inside, and in When setRules, the parameters returned by the accessRules() method are passed in.
$filter->filter($filterChain) continues to call other filters.
And all specific authorization rules are defined in accessRules Medium:
Php code
Copy code
The code is as follows:
public function accessRules()
{ return array(
array('deny',
'actions'=>array('create', 'edit'), 'users'=>array(' ?' ), ), array('allow', 'actions'=>array('delete'),
'roles'=>array('admin' ),
array('deny', 🎜> ),
); CWebUser inherits a CAdminUser:
Php code
Copy code
The code is as follows:
class CAdminWebUser extends CWebUser
{
public $loginUrl = array('admin/admin/login');
}
We need to place it in components
If it is a global application, pass the components section of protected/config/main.php:
Php code
Copy code The code is as follows:
'user'=>array(
// enable cookie-based authentication
'class' => ; 'CAdminUser',
'allowAutoLogin'=>true,
'loginUrl' => array('site/login'),
),
If it is in modules, add the following code in the init method of the module class:
Php code
Copy the code The code is as follows:
$this->setComponents(array(
'adminUser' => array(
'CAdminWebUser',
'allowAutoLogin ' => false,
) )
));
Last calling method
Php code
Copy code The code is as follows:
//Global application
Yii::app()->getComponent('adminUser');
//In module
Yii::app()->controller->module->getComponent('adminUser');
But this is not enough, we also need to modify the Controller's filter, we need Customize a filter to implement verification and authorization of another user
The first step is to customize a filter:
Php code
Copy code The code is as follows:
class CAdminAccessControlFilter extends CAccessControlFilter
{
protected function preFilter($filterChain)
{
$app=Yii::app ();
$request=$app->getRequest();
$user = Yii::app()->controller->module->getComponent('adminUser');
$verb=$request->getRequestType();
$ip=$request->getUserHostAddress();
foreach($this->getRules() as $rule)
{ 🎜> return false; ;
return true; >
Copy code
The code is as follows:
public function filterAccessControl($filterChain)
{
$filter = new CAdminAccessControlFilter();
$ filter->setRules($this->accessRules());
$filter->filter($filterChain);
}
//Here we use a custom filter class to replace Original filter
OK, here we can specify the authorization of adminUser in the accessRules() of this Controller
http://www.bkjia.com/PHPjc/327749.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/327749.htmlTechArticle1. Why do I need to add a new user verification: Because I want to build the website backend and frontend in the same yii In the application. But the front desk also contains a member management center. And these two user verifications are complete...