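/**
 * The login form.
 *
 * Renders the empty form until a username has been posted; after that the
 * posted credentials are checked and, on success, the user is signed in and
 * redirected to '/'.
 *
 * Every failure path shows the same flash message, so the response text does
 * not tell a caller whether a username exists. Fields that are missing, empty
 * or not plain strings (e.g. posted as arrays) count as a failed login and
 * are never handed to the user lookup or to validatePassword().
 *
 * NOTE(review): the password hash is only verified for known users, so
 * response time can still differ between "unknown user" and "wrong
 * password". No attempt throttling or lockout is visible in this action;
 * confirm it is enforced elsewhere.
 *
 * @return string|\yii\web\Response
 * @throws \yii\base\InvalidConfigException
 */
public function actionLogin()
{
    $form = Yii::$app->request->post('LoginForm');

    // Before filled login form.
    if (!is_array($form) || !isset($form['username'])) {
        return $this->render('login', ['model' => new LoginForm()]);
    }

    $username = $form['username'];
    $password = $form['password'] ?? null;

    // Request parameters may arrive as arrays; only non-empty strings are
    // accepted as credentials.
    $wellFormed = is_string($username) && $username !== ''
        && is_string($password) && $password !== '';

    // The lookup argument stays wrapped in an array, as the original call
    // passed it (findByUsername() is defined outside this block).
    $identity = $wellFormed ? User::findByUsername([$username]) : null;

    // Successful login. login() returns false when the sign-in is rejected,
    // in which case the request falls through to the generic error below.
    if (
        is_object($identity)
        && Yii::$app->security->validatePassword($password, $identity->password_hash)
        && Yii::$app->user->login($identity)
    ) {
        PasswordController::teamSecretCheck();

        return $this->redirect('/');
    }

    // Login error. One message for an unknown user and for a wrong password.
    Yii::$app->session->setFlash('error', 'Wrong username or password. Please check.');

    return $this->render('login', ['model' => new LoginForm()]);
}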
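/**
 * Deletes an existing Password model. If deletion is successful, the
 * browser will be redirected to the 'index' page.
 *
 * Access rules implemented here:
 *  - single-user mode (params['single_user_mode'] is exactly TRUE): no login
 *    or admin check is applied;
 *  - any other value, or a missing key: the caller must be logged in, pass
 *    PasswordController::teamSecretCheck(), and have is_admin equal to 1.
 * Callers who fail the admin check are sent back to 'index' without a flash
 * message.
 *
 * NOTE(review): this action changes state. The controller's behaviors() are
 * not visible here, so confirm the route is limited to POST (for example
 * through VerbFilter) so that CSRF validation applies to it.
 *
 * @param integer $id identifier passed to findModel() and to
 *                    removeAllAuthAssignments()
 * @return mixed
 */
public function actionDelete($id)
{
    // Fail closed: only a strict boolean TRUE disables the login requirement.
    // A missing or loosely typed setting is treated as multi-user mode.
    $singleUserMode = (Yii::$app->params['single_user_mode'] ?? false) === true;

    if (!$singleUserMode) {
        if (Yii::$app->user->isGuest) {
            return $this->redirect(['/site/login']);
        }

        PasswordController::teamSecretCheck();

        // Loose comparison kept on purpose: the stored flag may come back
        // from the database layer as the string '1'.
        $identity = Yii::$app->user->getIdentity();
        if ($identity === null || $identity->is_admin != 1) {
            return $this->redirect(['index']);
        }
    }

    // delete() returns false when the record was not removed; in that case
    // the auth assignments are left alone and no success message is shown.
    if ($this->findModel($id)->delete() === false) {
        Yii::$app->getSession()->setFlash('error', 'Account credential could not be deleted.');

        return $this->redirect(['index']);
    }

    // Remove roles and permissions.
    self::removeAllAuthAssignments($id);
    Yii::$app->getSession()->setFlash('success', 'Account credential successfully deleted.');

    return $this->redirect(['index']);
}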