This extension implements HybridAuth to enable social logins (Facebook, Yahoo etc) for Yii.
The first time someone passes the authentication with their provider, they are prompted to choose a username and optionally an email address (the email address isn't verified).
It extends CBaseUserIdentity to RemoteUserIdentity and so can be used in parallel to the default Yii login that comes with the skeleton app. In fact it is intended to be used that way. It can also be used with yii-user.
if someone is already logged in, and clicks another provider it will associate that provider with the users website account as well, so multiple providers can be linked to one account. Clicking a linked provider (with a green background) will unlink that provider from the account.
This has been written against the skeleton application generated by Yii. It assumes you have a User model & corresponding database table.
For most providers you will need to register with them for an API key. One exception to this is Yahoo.
Unzip into protected\modules\
Add the following to the "modules" section in main.php:
'hybridauth' => array( 'baseUrl' => 'http://'. $_SERVER['SERVER_NAME'] . '/hybridauth', 'withYiiUser' => false, // Set to true if using yii-user "providers" => array ( "openid" => array ( "enabled" => true ), "yahoo" => array ( "enabled" => true ), "google" => array ( "enabled" => true, "keys" => array ( "id" => "", "secret" => "" ), "scope" => "" ), "facebook" => array ( "enabled" => true, "keys" => array ( "id" => "", "secret" => "" ), "scope" => "email,publish_stream", "display" => "" ), "twitter" => array ( "enabled" => true, "keys" => array ( "key" => "", "secret" => "" ) ) ) ),
Run the following SQL to create the table to hold the logins.
CREATE TABLE IF NOT EXISTS `ha_logins` ( `id` int(11) NOT NULL AUTO_INCREMENT, `userId` int(11) NOT NULL, `loginProvider` varchar(50) NOT NULL, `loginProviderIdentifier` varchar(100) NOT NULL, PRIMARY KEY (`id`), UNIQUE KEY `loginProvider_2` (`loginProvider`,`loginProviderIdentifier`), KEY `loginProvider` (`loginProvider`), KEY `loginProviderIdentifier` (`loginProviderIdentifier`), KEY `userId` (`userId`), KEY `id` (`id`) ) ENGINE=InnoDB
You can either then just link people directly to the URL '/hybridauth' to login, or add a widget to another view:
In your controllers you can then get the Hybrid_Auth object:
$ha = Yii::app()->getModule('hybridauth')->getHybridAuth(); $facebook = $ha->getAdapter('facebook'); $facebook->setUserStatus('Hi');
See the Hybrid_Auth docs for more details.
At the moment it swallows exceptions generated by the providers, and displays the user a generic "something has gone wrong" message. If you are having problems working out what is going wrong, and want to show exceptions, then comment out the try..catch lines in function DefaultController::actionLogin() so the exceptions don't get caught and instead will halt the app.