/** * Logs in a user. * * The user identity information will be saved in storage that is * persistent during the user session. By default, the storage is simply * the session storage. If the duration parameter is greater than 0, * a cookie will be sent to prepare for cookie-based login in future. * * Note, you have to set {@link allowAutoLogin} to true * if you want to allow user to be authenticated based on the cookie information. * * @param IUserIdentity the user identity (which should already be authenticated) * @param integer number of seconds that the user can remain in logged-in status. Defaults to 0, meaning login till the user closes the browser. * If greater than 0, cookie-based login will be used. In this case, {@link allowAutoLogin} * must be set true, otherwise an exception will be thrown. */ public function login($identity, $duration = 0) { $id = $identity->getId(); $states = $identity->getPersistentStates(); if ($this->beforeLogin($id, $states, false)) { guest::mergerCustomer($id, $this->getState('guest_ID')); $this->changeIdentity($id, $identity->getName(), $states); if ($duration > 0) { if ($this->allowAutoLogin) { $this->saveToCookie($duration); } else { throw new CException(Yii::t('yii', '{class}.allowAutoLogin must be set true in order to use cookie-based authentication.', array('{class}' => get_class($this)))); } } $this->afterLogin(false); } }