Yii 1.1: hoauth

hoauth - simple integration of social network authorization lib Hybridauth and Yii (facebook, google, twitter, vkontakte ...)
  • hoauth extension provides simple integration with social network authorization lib Hybridauth in Yii. (facebook, google, twitter, vkontakte and much more).
  • Automatically finds and supports yii-user module (instruction is in documentation section).
  • Supports I18N (available translations)


The demonstration of hoauth extension integrated with yii-user extension can be found here.


  • Yii 1.1.9 or above. (I have tested it only in 1.1.13)

Available social networks

  • OpenID
  • Google
  • Facebook
  • Twitter
  • Yahoo
  • MySpace
  • Windows Live
  • LinkedIn
  • Foursquare
  • Vkontakte
  • AOL

Additional social networks providers can be found at HybridAuth website. And how to configure them here at the bottom of the page.



New in hoauth v1.2.5

  • added an option to display only icons in social login widget (HOAuth::onlyIcons)
  • Authentication through pop-up window
  • Added support of CWebUser::returnUrl (for popup window only if it has not default value)
  • Enh#45: Added composer support (example of installation)
  • Small refactoring
  • Added repo with the source code of demo project.

New in hoauth v1.2.4

  • updated hybridauth lib
  • support of older version of yii-user
  • moved to MIT license

New in hoauth v1.2.3

  • yii-user: we display username field only if it is required by the User model, so you can disable username field in yii-user.
  • fixed bug when after saving profileCache returned in serialized form
  • removed some NOTICE erros and fixed one stupid big with email sending callback (thanks to Komannder)
  • fixed bug with imposibility of login with twitter (and other similar SN) despite successful email activation
  • added two callbacks: hoauthCheckAccess() and hoauthAfterLogin(). Details at https://github.com/SleepWalker/hoauth/wiki/Callbacks.
  • added Spanish, German and Russian translations (thanks to Komannder and me)
  • Security improvement: if user try to login with email of existing local account, that is not bond to current social network, he will be asked for password to confirm binding.
  • added support of validatePassword() callback - alias for verifyPassword()
  • added widget HOAuthActive - display login buttons of social networks bond to current user (Komannder)

New in hoauth v1.2.2

  • Enh#6: support of prefixed table names
  • Enh#7: added ability to setup alias (by default is application.config.hoauth) of HybridAuth config file in yii config (Yii::app()->params['hoauth']['configAlias'])
  • Enh#8: widget to display social networks that user bond to
  • Support of yii-user version, when Profile::regMode isn't static property
  • Fixed issue when password field apeared, when it should not do so during social network signup
  • Support of sending activation email by yii-user module
  • Added support of yii-user banned and not activated account status
  • Ability to register a new account with the same SN, when in db still exists SN relation to account that was deleted
  • HOAuthWidget moved to widgets directory (see UPGRADE.md)

New in hoauth v1.2.1

  • It was decieded to move HybridAuth config file to the yii's config diretory and rename to hoauth.php. Extension will try to do it automatically, when config diretory is not writable, it will run with config file from old directory, but old directory has the deprecated status.
  • fixed bug with to long username, when registering user for yii-user extension.
  • Support of login from social networks, that returning no email (also added HUserInfoForm class).
  • updates in installation instructions

New in hoauth v1.2

  • HOAuthWiget property $controllerId replaced by $route and now you can specify route e.g. module/controller
  • Modification of HybridAuth install script to generating Endpoint URL properly.
  • Renaming of user_oauth table columns: name -> provider, value -> identifier (model will automatically update schema)
  • New features in UserOAuth.php model.
  • Support for yii-user extension

Total 20 comments

#18363 report it
BornToDrink at 2014/10/20 11:28am

Thank you for the extension!

Btw one note. Google does not allow return_url with some query parameters, like: ?var=1&var2=2

Needs to have a protocol, no URL fragment, and no relative paths

So adding: hauth.done in the url gives me an error.

In my case I need only google so I just removed that phrase from your code and added it hardcoded in the htaccess (rewrite). Not sure how it can be done in other way.

#18129 report it
SleepWalker at 2014/09/13 02:25pm

Thank you for contributing, Serge. Very nice article! I think, it should be in the ext description :)

#17975 report it
begemotik at 2014/08/20 04:40am

I've written an extensive tutorial on how to install both hoauth and Yii-user, and modify according to your needs.
I'm hoping this will help someone. You can find the article here.

#17948 report it
SleepWalker at 2014/08/14 11:05am
@laz karimov


For now I can suggest you to create virtual attributes in User model and save the to the related model in User::afterSave() method.

You can also use the following callbacks (simply create the method with coresponding name in your controller):

  • ::hoauthCheckAccess(CActiveRecord $user)
  • ::hoauthAfterLogin(CActiveRecord $user, boolean $isNewUser)

Another option is to use ::hoauthProcessUser() callback, but in this case you will need too much of copy paste

P.S. I will introduce new callbacks soon, as long as I will finish with refactoring

#17945 report it
laz karimov at 2014/08/14 10:10am
get user attributes


In SiteController we can specify the model and attributes to be attached.

'oauth' => array(
        'class' => 'ext.hoauth.HOAuthAction',
        'model' => 'User',
        'attributes' => array(
            'email' => 'email',
//          'first_name' => 'firstName',
//          'second_name' => 'lastName',

What if first_name and last_name (gender, date of birth, etc.) are in another model, and I want them to be attached as well?

Thanks in advance

#17490 report it
SleepWalker at 2014/06/22 06:01am
disable form after login

malkabani.com, If you mean the form for confirming existing account with password, you can disable this with alwaysCheckPass => false property of HOAuthAction.

if you mean the form that asks for username you should change yii-user's User model so that the username field becomes not required.

#17380 report it
malkabani.com at 2014/05/31 03:24am
disable form after login

hi i use yii-user with hoauth and i want to disable form that appear after login for first time and i want to save user information automaticly with ut this form how i do it thank you

#17333 report it
SleepWalker at 2014/05/25 01:40am

That method should be in the same controller as HOAuthAction action.

The rest I can't understand :) on which line you has Trying to get property of non-object? On those, where getUserContacts() is called?

#17298 report it
malkabani.com at 2014/05/20 10:12am

hi i add this code in controller.php

public static function hoauthAfterLogin($user, $newUser){
            $oAuth = UserOAuth::model()->authenticate("facebook");
            $userContacts = $oAuth->adapter->getUserContacts();
            echo "<pre>";

but when run the code i got this meesage

Trying to get property of non-object

and when i put it in siteController, it works fine

what is the problem

#17287 report it
malkabani.com at 2014/05/19 02:28pm
use it with api

hi i have website with api to contact with it and i want to use this extension in my site so i need to generate authkey for each user after login in so i need to store authkey in database (on table user)or another table is this rigth or not if this wrog what is the best idea to do it

thank you loot

#17275 report it
SleepWalker at 2014/05/19 06:55am

Image it is simply the photoURL property of User's profile object. And the information about friends you can get with $adapter->getUserContacts(), e.g.

$oAuth = UserOAuth::model()->authenticate($provider);
$userContacts = $oAuth->adapter->getUserContacts();

I haven't tested this functionality... More info you can find here and here.

#17273 report it
malkabani.com at 2014/05/19 06:28am
can i get user facebook image

hi i love this ext and i need to ask if i want to access to user facebook image or frends how it work and does i do it thank you

#16882 report it
karte at 2014/04/08 02:49am
Returns blank page?

The popup page, http://mysite.com/site/oauth?provider=Facebook, return blank page. I dont get any error. What should i do.. Am pretty confused..

#16448 report it
SleepWalker at 2014/02/24 08:27am

Hello, You should use yii's CWebUser method to logout the user: Yii::app()->user->logout(). The logout method from OAuth model calls only the logout method of HybridAuth lib. Probably I will add there the Yii's logout call too. But for now you should use Yii::app()->user->logout()

#16411 report it
mostofa62 at 2014/02/20 12:32pm

hello,i have use this extension, for sign up purpose, it means when user sign up using this then i just get the info and save my database table, but i face problem,only in case of facebook and google they are not logout, when i have already used the before redirect in my login action $oauth->logout();

is it logout problem,and i saw the facebook and gmail are not logout.

#16207 report it
Tibor Katelbach at 2014/01/28 05:55am

Thanks , why not, I would love to port it . if HybridAuth Lib isn't maintained anymore which alternative would you propose ? should we start over or remain on HybridAuth ?

I'm going to need this asap , So it's a good time to think about it

#16174 report it
SleepWalker at 2014/01/26 04:36am
@Tibor Katelbach

The first and not the good news is that HybridAuth lib is't meintained anymore (but it still works pretty good). So probably it is better to start new extension with the lib that maintained.

In hoauth there are some things that I want to rewrite, but have no time at the moment. But if you want to port it, I will answer all the questions that will occure )

#16059 report it
Tibor Katelbach at 2014/01/15 04:25am
work with mongoYii without yii-user ?

Hi SleepWalker I just discovered Hoauth, looks really good , thanks for open sourcing it my problem is I don't use yii-user and have a mongoDB I'd be glad to port it , but I'd like your feedback first if it's worth it ? or is it smarter to start from scratch again ? I'd like to benefit from all the integration work you have already done ? thanks for sharing your thoughts Tibor

#15984 report it
nat3863 at 2014/01/07 06:42am
User with same email

Hi, I'm not sure if this is a bug or something. I have tried this on my development, basically, I have 2 users from 2 different providers; facebook and twitter. However, both user shares the same email address.

When user 2 from twitter authenticates, the user will be logged in as user 1 (facebook).

Isn't this suppose to be unique? Thanks again!

#15943 report it
andreapavan at 2014/01/01 01:26pm

Thanks for your response. In user_oauth and User db everything is saved correctly. I also noticed that does not appear the screen to accept the terms of the app.

Is it possibile to have the code of the example in the description?

Leave a comment

Please to leave your comment.

Create extension