/**
* The login form.
*
* @return string|\yii\web\Response
* @throws \yii\base\InvalidConfigException
*/
public function actionLogin()
{
// Before filled login form.
if (!isset(Yii::$app->request->post()['LoginForm']['username'])) {
return $this->render('login', ['model' => new LoginForm()]);
}
$identity = User::findByUsername([Yii::$app->request->post()['LoginForm']['username']]);
// User not found by username.
if ($identity == null) {
// Login error.
Yii::$app->session->setFlash('error', 'Wrong username. Please check.');
return $this->render('login', ['model' => new LoginForm()]);
}
$inserted_password = Yii::$app->request->post()['LoginForm']['password'];
// Successful login.
if (Yii::$app->security->validatePassword($inserted_password, $identity->password_hash)) {
Yii::$app->user->login($identity);
PasswordController::teamSecretCheck();
return $this->redirect('/');
} else {
// Login error.
Yii::$app->session->setFlash('error', 'Wrong password. Please check.');
return $this->render('login', ['model' => new LoginForm()]);
}
}
/**
* Deletes an existing Password model. If deletion is successful, the
* browser will be redirected to the 'index' page.
*
* @param integer $id
* @return mixed
*/
public function actionDelete($id)
{
if (Yii::$app->params['single_user_mode'] === FALSE) {
if (Yii::$app->user->isGuest === TRUE) {
return $this->redirect(['/site/login']);
}
PasswordController::teamSecretCheck();
}
if (Yii::$app->params['single_user_mode'] === TRUE or Yii::$app->user->getIdentity()->is_admin == 1) {
$this->findModel($id)->delete();
// Remove roles and permissions.
self::removeAllAuthAssignments($id);
\Yii::$app->getSession()->setFlash('success', 'Account credential successfully deleted.');
}
return $this->redirect(['index']);
}
