You are viewing revision #4 of this wiki article.
This is the latest version of this article.
You may want to see the changes made in this revision.
In this wiki I will show how could forcing login for all pages and users must be logged in to access almost all of the site’s content.
In your main/config.php -
Within the primary array, We need to add these:
// behaviors
'behaviors' => array(
'onBeginRequest' => array(
'class' => 'application.components.RequireLogin'
)
),
// application components
'user'=>array(
// enable cookie-based authentication
'allowAutoLogin'=>true,
'loginUrl' => array('site/login'), //login page url
),
// application-level parameters that can be accessed
'params'=>array(
'registrationUrl'=>'site/registration', //Registration page url
'recoveryUrl'=>'site/recovery', //Recovery or change password page url
'captchUrl'=>'site/captcha', //Captcha url
),
In your components -
Create a file called RequireLogin.php into components directory. In which needs to define the RequireLogin class, which should be an extension of the Yii CBehavior class. Within that class, only two methods need to be defined. The first is attach(), which will associate an event handler with the application and second is handleBeginRequest(), the method is to determine the conditions in which a login must be required of the user.
class RequireLogin extends CBehavior
{
public function attach($owner)
{
$owner->attachEventHandler('onBeginRequest', array($this, 'handleBeginRequest'));
}
public function handleBeginRequest($event)
{
$defaultUrl = ''; //Defualt page will show like - http://localhost/demo or http://example.com/
$request = trim(Yii::app()->urlManager->parseUrl(Yii::app()->request), '/');
$login = trim(Yii::app()->user->loginUrl[0], '/');
$login = trim(is_array(Yii::app()->user->loginUrl) ? Yii::app()->user->loginUrl[0] : Yii::app()->user->loginUrl, '/'); //gets loginurl from main config file
$registration = trim(Yii::app()->params['registrationUrl'], '/'); //gets registraion url from main config file
$recovery = trim(Yii::app()->params['recoveryUrl'], '/'); //gets recovery url from main config file
$captchUrl = trim(Yii::app()->params['captchUrl'], '/'); //gets captcha url from main config file/ it's show the captcha image
// Restrict guests to public pages.
$allowed = array($login,$registration,$recovery,$captchUrl,$defaultUrl);
//allows users if not logged in to view only these 4 pages you can add others like above or like array($login,'site/login');
if (Yii::app()->user->isGuest && !in_array($request, $allowed))
Yii::app()->user->loginRequired();
// Prevent logged in users from viewing the login page.
$request = substr($request, 0, strlen($login));
if (!Yii::app()->user->isGuest && $request == $login)
{
$url = Yii::app()->createUrl(Yii::app()->homeUrl[0]);
Yii::app()->request->redirect($url);
}
}
}
Reference - Forcing Login for All Pages in Yii
Is there a specific reason for this?
Hi Rohit Suthar,
I was wondering why you chose this approach when we can use user-rights extension.
Have a nice day
Sincerely
Babak
RE #17776
Dear Babak,
It's short and sweet codes, also new comers can be use for practice.
Wow!
"Requiring login" is a base feature of Yii. Wy you dont use filters()? Just add filter 'accessControl' and set accessRules(). Thats all.
http://www.yiiframework.com/doc/guide/1.1/en/topics.auth#access-control-filter
If you have any questions, please ask in the forum instead.
Signup or Login in order to comment.