In this wiki, I try to implement a simple authorization schema without putting much logic inside a file
or into database table. We are constructing authorization hierarchy inside the controller. We are getting
roles for the current user from database table and assigning only roles to user that are declared in the
particular controller. We have brought down the work of loading of auth data at main
application level to controller level. This way we have pulverised auth data for entire site into smaller
units. Finally we are going to look at couple of examples.
I recently created a project called Yii-App on GitHub to kickstart my development of smaller Yii applications. The main goal of the project is to provide a ready-to-use application template that includes my bootstrap extension and many other useful extensions. After reading this article you will be able to use this project as a starting point for all of your Yii projects.
In this cookbook I will attempt to explain how to use the lightweight version of Role-Based Access Control using a php file. This version does not use database but a php file and is controlled by CPhpAuthManager class.
By default, the expression Yii::app()->user returns a CWebUser application component which represents the information that are closely related with the current user. Some information can be persistent throughout the current user session. For example, CWebUser already comes with a name property that stores the username of the current user.
In this mini howto I would like to show how to add a required captcha field in the login form, after a defined number of unsuccessfull attempts.
To do this, I will use the blog demo that you have in default Yii download package (path/to/yii/demos/blog).