Forcing login for all pages using CBehavior

In this wiki I will show how could forcing login for all pages and users must be logged in to access almost all of the site’s content.

In your main/config.php -

Within the primary array, We need to add these:

// behaviors
'behaviors' => array(
    'onBeginRequest' => array(
        'class' => 'application.components.RequireLogin'
// application components
	// enable cookie-based authentication
	'loginUrl' => array('site/login'), //login page url
// application-level parameters that can be accessed  
	'registrationUrl'=>'site/registration', //Registration page url
	'recoveryUrl'=>'site/recovery', //Recovery or change password page url
	'captchUrl'=>'site/captcha', //Captcha url

In your components -

Create a file called RequireLogin.php into components directory. In which needs to define the RequireLogin class, which should be an extension of the Yii CBehavior class. Within that class, only two methods need to be defined. The first is attach(), which will associate an event handler with the application and second is handleBeginRequest(), the method is to determine the conditions in which a login must be required of the user.

class RequireLogin extends CBehavior

public function attach($owner)
    $owner->attachEventHandler('onBeginRequest', array($this, 'handleBeginRequest'));

public function handleBeginRequest($event)

            $defaultUrl = ''; //Defualt page will show like - http://localhost/demo or
			$request = trim(Yii::app()->urlManager->parseUrl(Yii::app()->request), '/');
			$login = trim(Yii::app()->user->loginUrl[0], '/');
            $login = trim(is_array(Yii::app()->user->loginUrl) ? Yii::app()->user->loginUrl[0] : Yii::app()->user->loginUrl, '/'); //gets loginurl from main config file
            $registration = trim(Yii::app()->params['registrationUrl'], '/'); //gets registraion url from main config file
			$recovery = trim(Yii::app()->params['recoveryUrl'], '/'); //gets recovery url from main config file
            $captchUrl = trim(Yii::app()->params['captchUrl'], '/'); //gets captcha url from main config file/ it's show the captcha image

            // Restrict guests to public pages.
            $allowed = array($login,$registration,$recovery,$captchUrl,$defaultUrl);
			//allows users if not logged in to view only these 4 pages you can add others like above or like array($login,'site/login');
            if (Yii::app()->user->isGuest && !in_array($request, $allowed))
            // Prevent logged in users from viewing the login page.
            $request = substr($request, 0, strlen($login));
            if (!Yii::app()->user->isGuest && $request == $login)
            $url = Yii::app()->createUrl(Yii::app()->homeUrl[0]);

Reference - Forcing Login for All Pages in Yii