/** * Inline validator for password field. * * @param * string * @param * array */ public function authenticate($attribute, $params) { if ($this->hasErrors()) { return; } $user = Yii::app()->user->data(); $this->_identity = new UserIdentity($user->username, $this->password); if ($this->_identity->authenticate()) { return; } $this->addError('password', Yii::t('errors', 'Incorrect password.')); }
/** * Logs in the user using the given username and password in the model. * @return boolean whether login is successful */ public function login() { if ($this->_identity === null) { $this->_identity = new UserIdentity($this->username, $this->password); $this->_identity->authenticate(); } if ($this->_identity->errorCode === UserIdentity::ERROR_NONE) { $duration = $this->rememberMe ? 3600 * 24 : 0; // 30 days Yii::app()->user->login($this->_identity, $duration); return true; } else { return false; } }
/** * Logs in the user using the given username and password in the model. * @return boolean whether login is successful */ public function login() { $usersModule = Yii::app()->getModule("users"); $identityClass = $usersModule->identityClass; if ($this->_identity === null) { $this->_identity = new $identityClass($this->email, $this->password); $this->_identity->authenticate(); } if ($this->_identity->errorCode === $identityClass::ERROR_NONE) { $duration = $this->rememberMe ? $usersModule->autoLoginDuration : 0; Yii::app()->user->login($this->_identity, $duration); return true; } else { return false; } }
/** * Login * * @return bool */ public function signup() { if ($this->hasErrors()) { return false; } try { $this->_user = new User(); $this->_user->username = $this->email; $this->_user->email = $this->email; $this->_user->password = $this->passwordConfirm; $this->_user->password_strategy = 'bcrypt'; $this->_user->login_ip = $_SERVER['REMOTE_ADDR']; //$_user->regenerateValidationKey(); $this->_user->save(); } catch (Exception $e) { Yii::log($e); return false; } if ($this->_identity === null) { $this->_identity = new UserIdentity($this->email, $this->passwordConfirm); $this->_identity->authenticate(); } if ($this->_identity->isAuthenticated) { $duration = 0; Yii::app()->user->login($this->_identity, $duration); return true; } return true; }
/** * Login * * @return bool */ public function login() { if ($this->_identity === null) { $this->_identity = new UserIdentity($this->username, $this->password); $this->_identity->authenticate(); } if ($this->_identity->isAuthenticated) { $duration = $this->rememberMe ? 3600 * 24 * 30 : 0; // 30 days Yii::app()->user->login($this->_identity, $duration); return true; } return false; }
/** * Action: Index * * @access public * @return void */ public function actionIndex() { // If the end-user is already logged in, then there is absolutely no point presenting the login form to them // as it will just create confusion as to whether they are logged in or not. Redirect them to the homepage. if (!Yii::app()->user->isGuest) { $this->redirect(Yii::app()->homeUrl); } // Create an instance of the form builder, this controls all of the display logic (inputs). // Load up the form configuration from the path alias, and associate it with the form model. $form = new Form('application.forms.login', new \application\models\form\Login()); // Check that the form has been submitted, and if has, if it passes the models validation rules. if ($form->submitted() && $form->validate()) { // Seeing as the end-user has provided valid input data, create a new user identity with it. $this->identity = new UserIdentity($form->model->username, $form->model->password); // Do the credentials provided by the end-user's input data authenticate them as a valid user? if ($this->identity->authenticate()) { // Great! The end-user provided correct authentication credentials! Log in the user provided by the // user identity created from those credentials. Yii::app()->user->login($this->identity); // Redirect back to where they were (defaults to the homepage if the location to return to has not // been set). $this->redirect(Yii::app()->user->getReturnUrl(Yii::app()->homeUrl)); } else { // Log this failed authentication attempt. Yii::log('User "' . $form->model->username . '" provided incorrect credentials.', 'info', 'application.controllers.LoginController'); // Grab the error code defined by UserIdentity, and add the appropriate error message to the correct // model attribute (form field), so that it may be rendered by the form builder in the view. switch ($this->identity->errorCode) { // The end-user provided a string that does not correspond to any user that we have in the // database. case UserIdentity::ERROR_USERNAME_INVALID: $form->model->addError('username', Yii::t('application', 'The username you entered does not exist.')); break; // The end-user specified a username that is not allowed to login via the current IP address // that the end-user is using. // The end-user specified a username that is not allowed to login via the current IP address // that the end-user is using. case UserIdentity::ERROR_IP_INVALID: $form->model->addError('username', Yii::t('application', 'The username you entered may not login at this IP address.')); break; // The end-user has made too many login attempts in a specified amount of time, inform the user // to wait a while before the next attempt. // The end-user has made too many login attempts in a specified amount of time, inform the user // to wait a while before the next attempt. case UserIdentity::ERROR_THROTTLED: $form->model->addError('username', Yii::t('application', 'The username you entered has been throttled for security reasons. Please try again after a couple of seconds.')); break; // The end-user has specified a password that does not match the one associated with the // username the end-user provided. // The end-user has specified a password that does not match the one associated with the // username the end-user provided. case UserIdentity::ERROR_PASSWORD_INVALID: $form->model->addError('password', Yii::t('application', 'The password you entered was incorrect.')); break; } } } else { // The login form has either not been submitted, or there were validation errors. Either way we don't // need to do anything, other than to carry on as normal to render the form. Yii will deal with all the // error messages for us :) } // Make sure that we do not auto-populate the password field with anything that may have been submitted by // the user; we do not want their password encoded into the HTML of our page. $form->model->password = null; // Pass the form builder to the default login view to render the login HTML form. If it is an AJAX request, // render only the partial "ajax" view. Yii::app()->request->isAjaxRequest ? $this->renderPartial('ajax', array('form' => $form)) : $this->render('index', array('form' => $form)); }