Hi all,
I want to develop module base login system. I’m new quite new for yii.
In my application I have two type of members(admin and staff).
My database table name is user_table and these are the attributes user_id,user_name,user_type and user_password.
This is my UserIdentity.php.
<?php
/**
* UserIdentity represents the data needed to identity a user.
* It contains the authentication method that checks if the provided
* data can identity the user.
*/
class UserIdentity extends CUserIdentity
{
private $_id;
public function authenticate()
{
$record=UserTable::model()->findByAttributes(array('user_name'=>$this->username)); // here I use Email as user name which comes from database
if($record===null)
{
$this->_id='user Null';
$this->errorCode=self::ERROR_USERNAME_INVALID;
}
else if($record->user_password!==$this->password) // here I compare db password with passwod field
{ $this->_id=$this->username;
$this->errorCode=self::ERROR_PASSWORD_INVALID;
}
/*else if($record['E_STATUS']!=='Active') // here I check status as Active in db
{
$err = "You have been Inactive by Admin.";
$this->errorCode = $err;
} */
else
{
//$this->_id=$record['user_name'];
$this->_id=$record->user_id;
//$this->setState('title', $record['user_name']);
$this->setState('user_type', $record->user_type);
//Yii::app()->user->getState('user_type', $record->user_type);
$this->errorCode=self::ERROR_NONE;
}
return !$this->errorCode;
}
public function getId() // override Id
{
return $this->_id;
}
}
This is my webUser.php
<?php
class WebUser extends CWebUser
{
/**
* Overrides a Yii method that is used for roles in controllers (accessRules).
*
* @param string $operation Name of the operation required (here, a role).
* @param mixed $params (opt) Parameters for this operation, usually the object to access.
* @return bool Permission granted?
*/
public function checkAccess($operation, $params=array())
{
if (empty($this->user_id)) {
// Not identified => no rights
return false;
}
//$role = $this->getState("roles");
$role = $this->getState("user_type");
//$role =Yii::app()->user->getState( "user_type");
if ($role === 'admin') {
return true; // admin role has access to everything
}
if ($role === 'staff') {
return 'staff'; //Regular Teaching Professor, has limited access
}
// allow access if the operation request is the current user's role
return ($operation === $role);
}
}
This is my UserTableController.php
public function accessRules()
{
return array(
array('allow', // allow all users to perform 'index' and 'view' actions
'actions'=>array('index','view','register'),
'users'=>array('*'),
),
array('allow', // allow authenticated user to perform 'create' and 'update' actions
'actions'=>array('create','update'),
'users'=>array('@'),
),
array('allow', // allow admin user to perform 'admin' and 'delete' actions
'actions'=>array('admin','delete'),
'users'=>array('admin'),
),
array('allow',
'actions'=>array('admin'),
'roles'=>array('staff', 'devel'),
),
array('deny', // deny all users
'users'=>array('*'),
),
);
}
This is my config/main.php
// application components
'components'=>array(
'user'=>array(
// enable cookie-based authentication
'allowAutoLogin'=>true,
'class' => 'WebUser', //I add this code for RBAC
),