/** * Authenticates a user. * The example implementation makes sure if the user_name and user_password * are both 'demo'. * In practical applications, this should be changed to authenticate * against some persistent user identity storage (e.g. database). * @return boolean whether authentication succeeds. */ public function authenticate() { $record = Users::model()->findByAttributes(array('user_username' => $this->username)); if (is_null($record)) { $this->errorCode = self::ERROR_USERNAME_INVALID; } else { if ($record->user_password != $this->password) { $this->errorCode = self::ERROR_PASSWORD_INVALID; $this->errorCode = self::ERROR_USERNAME_INVALID; } else { $authPermissions = array(); if (!empty($record->user_type)) { $authPermissions = GroupPermissions::getUserGroupPermissions($record->user_type); } $userData = $record->attributes; $this->setState('data', $userData); $this->setState('auth', $authPermissions); $this->errorCode = self::ERROR_NONE; } } return !$this->errorCode; }