Before the redirection, the current URL (if it's not an AJAX url) will be kept as [[returnUrl]] so that
the user browser may be redirected back to the current page after successful login.
Make sure you set [[loginUrl]] so that the user browser can be redirected to the specified login URL after
calling this method.
Note that when [[loginUrl]] is set, calling this method will NOT terminate the application execution.
|
public loginRequired ( boolean $checkAjax = true, boolean $checkAcceptHeader = true ) : |
||
| $checkAjax | boolean | whether to check if the request is an AJAX request. When this is true and the request is an AJAX request, the current URL (for AJAX request) will NOT be set as the return URL. |
| $checkAcceptHeader | boolean | whether to check if the request accepts HTML responses. Defaults to `true`. When this is true and the request does not accept HTML responses the current URL will not be SET as the return URL. Also instead of redirecting the user an ForbiddenHttpException is thrown. This parameter is available since version 2.0.8. |
| return | the redirection response if [[loginUrl]] is set | |
/**
* @inheritdoc
*/
public function loginRequired($checkAjax = true, $checkAcceptHeader = true)
{
if ($this->enableSession && (!$checkAjax || !Yii::$app->getRequest()->getIsAjax())) {
Yii::$app->session->setFlash('flash-warning', HUsers::t('messages', 'This page is restricted to authenticated users'));
}
return parent::loginRequired($checkAjax, $checkAcceptHeader);
}
/**
* Denies the access of the user.
* The default implementation will redirect the user to the login page if he is a guest;
* if the user is already logged, a 403 HTTP exception will be thrown.
* @param User $user the current user
* @throws ForbiddenHttpException if the user is already logged in.
*/
protected function denyAccess($user)
{
if ($user->getIsGuest()) {
$user->loginRequired();
} else {
throw new ForbiddenHttpException(Yii::t('yii', 'You are not allowed to perform this action.'));
}
}
/**
* Denies the access of the user.
* The default implementation will redirect the user to the login page if he is a guest;
* if the user is already logged, a 403 HTTP exception will be thrown.
* @param Yii\web\User $user the current user
* @throws Yii\web\ForbiddenHttpException if the user is already logged in.
*/
protected function denyAccess($user)
{
if ($user->getIsGuest()) {
$user->loginRequired();
} else {
$this->ajaxOnly();
}
}
/**
* 拒绝访问
* @param \yii\web\User $user
* @throws ForbiddenHttpException
*/
protected function denyAccess($user)
{
if ($user->getIsGuest()) {
Yii::$app->getSession()->setFlash('danger', Yii::t('common', 'You have not login, please login first.'));
$user->loginRequired();
} else {
//检查权限是否有配置
// $this->checkAuthItem();
throw new ForbiddenHttpException(Yii::t('yii', 'You are not allowed to perform this action.'));
}
}
/**
* Denies the access of the user.
* The default implementation will redirect the user to the login page if he is a guest;
* if the user is already logged, a 403 HTTP exception will be thrown.
* @param User $user the current user
* @throws ForbiddenHttpException if the user is already logged in.
*/
protected function denyAccess($user)
{
if ($user->getIsGuest()) {
$user->loginRequired();
} else {
throw new ForbiddenHttpException(Yii::t('yii', 'No esás autorizado para realizar eta acción.'));
}
}
