sasori
December 15, 2010, 3:54pm
1
My users table contains
WSLoginName
WSLoginPassword
WSLoginNameAdminUser
WSLoginNameAdminPassword
I only have ‘one’ login page now, the default provided by yii/gii.
if user used 1 and 2 to login, he’ll be redirected to a certain area
if the user used 3 and 4 to login, he’ll be redirected to another area
so how am i gonna validate this at the UserIdentity ?
by default, if I only have 1 and 2 in my current user table, I have this
class UserIdentity extends CUserIdentity
{
private $_id;
const ERROR_EMAIL_INACTIVE = 3;
public function authenticate()
{
$record = Wsmembers::model()->findByAttributes(array('WSLoginName' => $this->username));
$email = Wsmembers::model()->findByAttributes(array('WSEmailConfirmed' => 0));
if($record === null)
$this->errorCode = self::ERROR_USERNAME_INVALID;
else if($record->WSLoginPassword !== sha1($this->password))
$this->errorCode = self::ERROR_PASSWORD_INVALID;
else if($email)
$this->errorCode = self::ERROR_EMAIL_INACTIVE;
else
{
$this->_id = $record->MemberShipID;
$this->setState('name', $record->WSLoginName);
$this->errorCode = self::ERROR_NONE;
}
return !$this->errorCode;
}
how about now that I have that 3 and 4 field ? how will I do that ?
if I do this ,
class UserIdentity extends CUserIdentity
{
private $_id;
const ERROR_EMAIL_INACTIVE = 3;
public function authenticate()
{
$record = Wsmembers::model()->findByAttributes(array('WSLoginName' => $this->username));
$admin = Wsmembers::model()->findByAttributes(array('WSLoginNameAdminUser' =>$this->username));
$email = Wsmembers::model()->findByAttributes(array('WSEmailConfirmed' => 0));
if($record === null || $admin === null)
$this->errorCode = self::ERROR_USERNAME_INVALID;
else if(($record->WSLoginPassword !== sha1($this->password) || $admin->WSLoginPasswordAdminUser !== sha1($this->password)))
$this->errorCode = self::ERROR_PASSWORD_INVALID;
else if($email)
$this->errorCode = self::ERROR_EMAIL_INACTIVE;
else
{
//what's next here?
}
}
will yii even recognize if I will have two
private $_id;
?
sasori
December 15, 2010, 5:30pm
2
I tried this
class UserIdentity extends CUserIdentity
{
private $_id;
const ERROR_EMAIL_INACTIVE = 3;
public function authenticate()
{
$record = Wsmembers::model()->findByAttributes(array('WSLoginName' => $this->username));
$admin = Wsmembers::model()->findByAttributes(array('WSLoginNameAdminUser' =>$this->username));
$email = Wsmembers::model()->findByAttributes(array('WSEmailConfirmed' => 0));
if($record === null || $admin === null)
$this->errorCode = self::ERROR_USERNAME_INVALID;
else if(($record->WSLoginPassword !== sha1($this->password) || $admin->WSLoginPasswordAdminUser !== sha1($this->password)))
$this->errorCode = self::ERROR_PASSWORD_INVALID;
else if($email)
$this->errorCode = self::ERROR_EMAIL_INACTIVE;
else
{
$this->_id = $record->MemberShipID;
$this->setState('name', $record->WSLoginName);
$this->setState('admin', $admin->WSLoginNameAdminUser);
$this->errorCode = self::ERROR_NONE;
}
return !$this->errorCode;
}
why is it not working ?, any suggestions how to solve this problem ?
jacmoe
December 15, 2010, 5:46pm
3
I really don’t get it…
It would be totally simple to just add a field to User called ‘staff’.
Then, to make it really easy for yourself, extend CWebUser (IIRC) and add getIsStaff to it.
What you’re trying to do is …
sasori
December 15, 2010, 5:58pm
4
jacmoe:
I really don’t get it…
It would be totally simple to just add a field to User called ‘staff’.
Then, to make it really easy for yourself, extend CWebUser (IIRC) and add getIsStaff to it.
What you’re trying to do is …
so all in all, I’ll have 3 sets of username and passwords, have you encountered doing the same thing ?
sumwai
December 16, 2010, 7:02am
5
Don’t really know what you are trying to do… your intro doesn’t gives us any idea…
sasori
December 16, 2010, 7:39am
6
based from my first post, my main objective is,
check if the user logs in using the loginname & password
if so, it redirects to a certain page, and by default it’s working
now since i have another set of loginname & password in the same table,
i want the useridentity class to check also if the user logs in, using that other pair of username and password.
if so, redirect him to another page.
but apparently, whatever I tried , it fails. My UserIdentity class only works when it checks for 1 pair of username and password only
jacmoe
December 16, 2010, 7:46am
7
Then only use one pair.
First, check if the user is trying the admin pair, and if they are, authenticate and set a flag on the user indicating that they’re admin.
If they’re not, then check if they’re using the user pair, and log them in without setting the admin flag.
You can only have one set of username/password, but that’s not a problem in your case.
Unless I’m misunderstanding something.
sasori
December 16, 2010, 8:41am
8
jacmoe:
Then only use one pair.
First, check if the user is trying the admin pair, and if they are, authenticate and set a flag on the user indicating that they’re admin.
If they’re not, then check if they’re using the user pair, and log them in without setting the admin flag.
You can only have one set of username/password, but that’s not a problem in your case.
Unless I’m misunderstanding something.
but still, the other pair of loginname and password is required…
the first pair of login details is already the admin, and it has power to do everything,
the second pair is required because, it’ll be given to other users in order for them to access
to another page that has all the things that was created
example:
-jacmoe registered, he’s now admin on his own account.
-now before anyone else is able to see what jacmoe created at the portal
-he needs to give the people the 2nd pair of login details he has during the registration process.
once the unknown person has jacmoe’s 2nd pair of login details, he’s able to login and see
the list of e.g companies that jacmoe created
mdomba
December 16, 2010, 9:13am
9
So by your example jacmoe creates 2nd pair of login that all other users use?
jacmoe
December 16, 2010, 9:21am
10
How about using tokens instead?
I log myself in and create some list of companies.
In my profile page there’s a button which generates an access token.
I give that token to anyone who wants access to my list.
The application first checks if the current user is owner, and if not, if an access token was given.
That way you only need one login - if you base the second access check on tokens.
Tokens can be regenerated at any time, of course.
sasori
December 16, 2010, 9:37am
11
yes, aside from that, on the other table named ‘staffs’
jacmoe needs to add unique loginname and password.
so all in all, jacmoe has
his 1st pair of login/admin (users table)
the 2nd pair of login, for all other users (users table)
the login for his staffs (staffs table)
mdomba:
How about using tokens instead?
I log myself in and create some list of companies.
In my profile page there’s a button which generates an access token.
I give that token to anyone who wants access to my list.
The application first checks if the current user is owner, and if not, if an access token was given.
That way you only need one login - if you base the second access check on tokens.
Tokens can be regenerated at any time, of course.
i got like 3 level deep login area
this is not about staff anymore, the reason why the 3) and 4) was added is that, it’ll be given to unknown users and when they use that 3) & 4) , they’ll get redirected to another screen where they can use another set of usernamea and password (staff)