Yii 1.1: hybridauth

Yii Implementation of HybridAuth for social (Facebook, Yahoo etc) logins

This extension implements HybridAuth to enable social logins (Facebook, Yahoo etc) for Yii.

The first time someone passes the authentication with their provider, they are prompted to choose a username and optionally an email address (the email address isn't verified).

It extends CBaseUserIdentity to RemoteUserIdentity and so can be used in parallel to the default Yii login that comes with the skeleton app. In fact it is intended to be used that way. It can also be used with yii-user.

if someone is already logged in, and clicks another provider it will associate that provider with the users website account as well, so multiple providers can be linked to one account. Clicking a linked provider (with a green background) will unlink that provider from the account.


This has been written against the skeleton application generated by Yii. It assumes you have a User model & corresponding database table.

For most providers you will need to register with them for an API key. One exception to this is Yahoo.


Unzip into protected\modules\

Add the following to the "modules" section in main.php:

'hybridauth' => array(
            'baseUrl' => 'http://'. $_SERVER['SERVER_NAME'] . '/hybridauth', 
            'withYiiUser' => false, // Set to true if using yii-user
            "providers" => array ( 
                "openid" => array (
                    "enabled" => true
                "yahoo" => array ( 
                    "enabled" => true 
                "google" => array ( 
                    "enabled" => true,
                    "keys"    => array ( "id" => "", "secret" => "" ),
                    "scope"   => ""
                "facebook" => array ( 
                    "enabled" => true,
                    "keys"    => array ( "id" => "", "secret" => "" ),
                    "scope"   => "email,publish_stream", 
                    "display" => "" 
                "twitter" => array ( 
                    "enabled" => true,
                    "keys"    => array ( "key" => "", "secret" => "" ) 

Run the following SQL to create the table to hold the logins.

  `userId` int(11) NOT NULL,
  `loginProvider` varchar(50) NOT NULL,
  `loginProviderIdentifier` varchar(100) NOT NULL,
  PRIMARY KEY (`id`),
  UNIQUE KEY `loginProvider_2` (`loginProvider`,`loginProviderIdentifier`),
  KEY `loginProvider` (`loginProvider`),
  KEY `loginProviderIdentifier` (`loginProviderIdentifier`),
  KEY `userId` (`userId`),
  KEY `id` (`id`)


You can either then just link people directly to the URL '/hybridauth' to login, or add a widget to another view:

<?php $this->widget('application.modules.hybridauth.widgets.renderProviders'); ?>

In your controllers you can then get the Hybrid_Auth object:

$ha = Yii::app()->getModule('hybridauth')->getHybridAuth();
$facebook = $ha->getAdapter('facebook');

See the Hybrid_Auth docs for more details.


At the moment it swallows exceptions generated by the providers, and displays the user a generic "something has gone wrong" message. If you are having problems working out what is going wrong, and want to show exceptions, then comment out the try..catch lines in function DefaultController::actionLogin() so the exceptions don't get caught and instead will halt the app.


Forum thread - http://www.yiiframework.com/forum/index.php/topic/33309-module-hybridauth/

Total 20 comments

#19498 report it
nirmalroka at 2015/08/04 04:42am
Try to log the obect you are gettin

Try to log the hybridauth object so that you can know what happening, double check the url of the site, hybrid config

#19497 report it
Geethasj at 2015/08/04 03:19am
Got blank page in server.


I got blank page in server,its working in localhost fine but not working in server why?

#17472 report it
amanation at 2014/06/18 08:55am
i appreciate your help

Hi nirmalroka,

Thank you for your suggestion. I tried it and it worked. However, it created another issue since i tried to hide index.php in my htaccess file.

The controller id was constantly being replaced by index.php

I set the url of the login button manually, including www for google. This solved the problem. It means if the domain name changes,i'd have to edit this again.

#17469 report it
nirmalroka at 2014/06/17 02:18pm
I also faced this error

Hi I also faced this error but I asked my host provider to do that

carbonbuster.org you can check this. So you don't face any problem hope you can consult your host provider in doing so check it to do in cpanel

#17468 report it
amanation at 2014/06/17 11:55am
Google login not work when url is without www

Hi All,

I have a website with this module. I set the redirect url in my google settings starting with www. If the url is without the www, the webpage shows but trying to login with google will give a redirect url error.

Is there a way to set hybridauth to always append www when a request url does not include it?


#17084 report it
Wasim Pathan at 2014/05/01 03:37am
I need the profile details of user after authentication

I need the profile details of user after authentication via hybrid auth how can I get in defaultcontroller and save to my custom database table. I am planing to get the profile details and autoregister with that details. How can I do that any suggestions ?

#16498 report it
Lexne at 2014/02/28 06:27am
DefaultController not found

Just like Maurice_ I too have the problem that I get the error message: include(DefaultController.php) [function.include]: failed to open stream: No such file or directory

I have \protected\modules\hybridauth\controllers\DefaultController.php

What can I do?

It happends when I have logged in with hybridauth. When I am not logged in or have logged out I can locate defautcontroller with address hybridauth/default/

#16441 report it
Fire at 2014/02/23 12:02pm

the easiest to implement by far! took all but 5 minutes - the other ones had me stuck for days! Thanks!!

#16293 report it
Muhammad Shahzad at 2014/02/07 04:34am
Can I need to put 'hybridauth' library in my localhsot root?

Can I need to put 'hybridauth' library in my localhsot root? As your code in config pointout this:

'hybridauth' => array(
                 'baseUrl' => 'http://'. $_SERVER['SERVER_NAME'] . '/hybridauth',

when I echo this baseUrl,I saw this Url:

http://localhost/hybridauth and I'm getting this error when I tried to connect with Facebook:

User not connected to the provider Facebook.

I'm logged in my fb account also I gave id and secret in config.

#15398 report it
mirrorps at 2013/11/06 08:42am
Deprecated Twitter api (v. 1.0)

Twitter updated their api and deprecated the 1.0 version since July 2013, so in order to have a working twitter oAuth you need to download the latest hybridAuth library from http://hybridauth.sourceforge.net/. Then replace Twitter.php from the Providers folder into yii module and twitter integration will work again.

#14497 report it
Vinny.freire at 2013/08/17 08:53pm
Muito bom!!

Implementei essa extensão no meu projeto e fico muito bom... funciona mesmo!

#13973 report it
Maurice_ at 2013/07/10 03:26am
Problem after login

When I did my login, i got the following error:

include(DefaultController.php): failed to open stream: No such file or directory

protected\modules\hybridauth\Hybrid\Storage.php(26): unserialize("O:9:"Exception":7:{s:10:"*message";s:63:"Authentification fail...")

protected\modules\hybridauth\Hybrid\Auth.php(143): Hybrid_Error::getErrorPrevious()


Any ideas why this happens?

#13660 report it
briiC.lv at 2013/06/14 01:35pm
Thanks for extension!

Hi! thanks for this extension. First I've tried another but this worked faster for me and not too complicated. But there was small workaround needed because I have PostgreSQL and I had to change table script and change column names to lowercase. After that I get it worked. If you want searching how to upgrade your extension this would be one of the directions :) Thanks again!

EDIT: I could not make it lowercase, but just write column names in quotes

CREATE TABLE  ha_logins (
    id serial NOT NULL,
    "loginProvider" character varying(50) NOT NULL,
    "loginProviderIdentifier" character varying(102) NOT NULL,
    "userId" integer NOT NULL,
    CONSTRAINT ha_logins_pkey PRIMARY KEY (id),
    FOREIGN KEY("userId") REFERENCES "user" (id)

But anyway there was problem on HaLogin.php with all "$criteria->compare(" because I need to put every column in quotes there too.

#13219 report it
thyseus at 2013/05/15 11:21am
Nice work! Hybridauth for yii-user-management is also available now!

Thanks for this nice work. There is also an independent implementation of hybrid auth integrated into yii user management >= 0.9:


#11903 report it
iabr at 2013/02/12 07:08am

class DefaultController extends CController, not Controller..

#11562 report it
nirmalroka at 2013/01/21 01:19am
I want to import contact list of user

How improt contact of user using hybrid auth for provider google , live and yahoo.

I had searched more but i didn't find any solution.

Is it possible or not. I looked Yahoo.php which has no methods for importing contact.

Can anyone done this type work before using this library. or not .

Thank you waiting for you response.

#11324 report it
compugator at 2013/01/05 11:12pm
User lastvisit_at

I am getting used to this nice extension, but I have incorporated hybridauth with yii-user and I cannot figure out how to update the lastvisit_at field. It just remains at the default 0000-00-00 00:00:00 in my database table.

Any suggestions?

#11260 report it
basem at 2013/01/02 02:54am
Linkedin provider has changed a bit


Linkedin provider API has changed a bit, so now it can fetch the verified email address, when compared to the existing provider inside ext. you need to replace with the new one please

thank you very much, Happy new year !

#11195 report it
basem at 2012/12/25 10:11am
One problem

Nice module and really saved lots of time for us.. however, I'm faced with an issue here and im not sure if all have the same thing:

  • When I click on any of the providers, it saves a record in DB without my confirmation (i.e. im unable to confirm/decline a selected provider) so it gets confirmed by default, even if I have already logged-into other providers by clicking save password

Any help please

Regards, Basem

#11127 report it
lukBB at 2012/12/19 02:42am
great module

Thx for great module. I manage to make it works without any problems. So far I tested google, twitter, facebook. You can try it here: milosnicyzwierzat.pl. I had problem with yahoo login, I got informed that CSRF token could not be verified. I've seen this problem already on the forum, but no one has solution.

Regards and txh for great job again lukBB

Leave a comment

Please to leave your comment.

Create extension