This project was inspired by the yii-user module and was carefully developed with our expertise in Yii following the best practices of that framework. It is more secure because it uses passwords with salt that are encrypted using bcrypt instead of password hashes. It also comes with support for sending mail with truly random authentication tokens that expire.
- Built using best practices and easy to extend
- Single point of configuration (the module)
- Clean default UI built with Bootstrap 3
- Secure accounts (password + salt)
- Sign up with account activation (enabled by default)
- Log in / Log out
- Reset password
- Email sending (with token validation)
- Require new password every x days (disabled by default)
- Password history (encrypted) to prevent from using same password twice
- Login history for logging both successful and failed login attempts
- Console command for creating accounts
Tested with Yii 1.1.14, but should also work with older versions.
There are also plans for porting this extension to Yii2.
Documentation can be found on GitHub.
We strongly recommend that you use this module through Composer. However, we also wrote some instructions in the README on how to use it without Composer.
Version 1.1.0 (June 6, 2014)
- Add support for requiring a new password every x days (disabled by default)
- Add password history (encrypted) to prevent from using same password twice
- Add login history for logging both successful and failed login attempts
- Refactor quite a lot of code
Version 1.0.0 (June 5, 2014)