How to differentiate Frontend User and Web Administrators ?

revo110 · February 16, 2010, 7:38am

Hello All, how are you ? Hope you’re all doing fine…if anybody would kindly help me out to figure this one, would be very appreciated.

Okay, so the question:

Using UserIdentity extends CUserIdentity, the user with usergroup of "admin" can sign in at the backend. But at the front-end, when someone is signed in at the backend, and I refresh the page at the frontend, it will immediately login the user who logged in at the backend, no matter if I am just a guest who is browsing the web, then I can edit and make anything that supposed to be confidential.

Using a plain php I usually separate the session, but this one ? how to do it using the CUserIdentity ? What I meant is a more yiish way to handle this issue ?

Thank you!

bettor · February 16, 2010, 8:01am

Have you searched the forum? There are related posts. You should declare a prefix for your sessions like:


Yii::app()->user->setStateKeyPrefix('_admin');

This works for me.

cheers,

bettor

revo110 · February 16, 2010, 8:19am

bettor:

Have you searched the forum? There are related posts. You should declare a prefix for your sessions like:
Yii::app()->user->setStateKeyPrefix('_admin');
This works for me.

cheers,

bettor

Yes, I did! But I didn’t found the thread you mentioned. Could you kindly please give me the full URL of it ? Cause I am still unclear of your explanation…

Thank you!

bettor · February 16, 2010, 8:39am

how have you setup your back-end…as a different module? Are you using different UserIdentity classes for back-end and front-end? Post some more info on your structure…and I might be able to help further

cheers,

b

revo110 · February 16, 2010, 8:51am

yes, you’re absolutely right! My backend is just a module, nothing fancy about it.

The structure is like:


WWWRoot

   sitename

      protected

         components

            UserIdentity.php

         config

            main.php

         controllers

            index

              SaveAction.php

            IndexController.php

         modules

            backend

               BackendModule.php

So yes, I am using the same UserIdentity for frontend and backend module.

bettor · February 16, 2010, 1:45pm

In your BackendModule.php you should have


public function init()

{

   Yii::app()->user->setStateKeyPrefix('_admin');

}

this should work. It sets admin prefix for your admin related sessions and thus makes it different than the mainstream user session

cheers,

bettor

revo110 · February 16, 2010, 3:19pm

bettor:

In your BackendModule.php you should have
public function init()

{

   Yii::app()->user->setStateKeyPrefix('_admin');

}
this should work. It sets admin prefix for your admin related sessions and thus makes it different than the mainstream user session

cheers,

bettor

Thanks a lot bettor! It worked!

railton · August 13, 2010, 3:55pm

interesting

MichaelH · February 18, 2011, 9:46am

Works great bettor. I was looking for the same thing, thanks a lot.

By the way shouldn’t it be Yii::app()->user->setStateKeyPrefix(‘admin_’); if it’s a prefex?

(Not that is matters )