Disallowing login for INACTIVE users in Yii

In this wiki I will show how to Disallowing login for Inactive users. Only Active users can logging and access their account. You can set privacy for your yii web apps users.

You need to some updations in your Models, Views and in UserIdentity files.

First you need to add a field into your database in login table.

Add new field like - status and define

0 => Inactive & 1 => Active

In your components (UserIdentity.php)

Need to declare a variable and set value like this to identify the error code -


And also added the new condition to finding the status of particular user, in authenticate() function.

public function authenticate() {
	$attribute = strpos($this->username, '@') ? 'email' : 'username';

	$user = User::model()->find(array('condition' => $attribute . '=:loginname', 'params' =>
		array(':loginname' => $this->username)));
	 if ($user === null) {
		 $this->errorCode = self::ERROR_USERNAME_INVALID;
	 else if ($user->password!=md5($this->password)) {
		 $this->errorCode = self::ERROR_PASSWORD_INVALID;
	 //Add new condition to finding the status of user.
	 else if ($user->status === 0) {
		 $this->errorCode = self::ERROR_USERNAME_NOT_ACTIVE;
	else {

		  $this->_id = $user->id;
		  $this->_FName = $user->FName;
		  $this->_LName = $user->LName;
		  $this->setState('firstName', $user->FName);
		  $this->setState('lastName', $user->LName);

		  $this->errorCode = self::ERROR_NONE;
	   return !$this->errorCode;

In your models (LoginForm.php)

Update the authenticate() function in Login models for print the errors as per the error code. We already define the error code 3 for Inactive users in UserIdentity.php file.

public function authenticate($attribute,$params)
            $this->_identity=new UserIdentity($this->username,$this->password);
                if(($this->_identity->errorCode == 1) or ($this->_identity->errorCode == 2))
                    $this->addError('password',Yii::t('zii','Incorrect username or password.'));
                elseif($this->_identity->errorCode == 3)
                    $this->addError('username',Yii::t('zii','Username is currently not active'));
                    $this->addError('username',Yii::t('zii','Invalid Exception'));

In your views (login.php)

<div class="form">
$form = $this->beginWidget('bootstrap.widgets.TbActiveForm', array(
		'id' => 'login-form',
		'enableClientValidation' => true,
		'htmlOptions' => array('class' => 'well'),
		'clientOptions' => array(
			   'validateOnSubmit' => true,
		)); ?>

<?php echo $form->textFieldRow($model, 'username', array('class' => 'span3'));?>
<?php echo $form->passwordFieldRow($model, 'password', array('class' => 'span3'));?>
<?php echo $form->checkBoxRow($model, 'rememberMe');?>

 <div class="form-actions">
   <?php $this->widget('bootstrap.widgets.TbButton', array('buttonType' => 'submit', 'type' => 'primary', 'label' => 'Login'));?>
   <?php $this->widget('bootstrap.widgets.TbButton', array('buttonType' => 'reset', 'label' => 'Reset'));?>

Not need to updation in your controller/action

Try this, work great :)..