How to authenticate user on index page in Yii
Solution 1
Just add the following at the top of the SiteController's index() action:
if(Yii::app()->user->getId()===null)
$this->redirect(array('site/login'));
It will check if the user is logged. If that's not the case, the page will redirect to login.
In order to avoid any action being accessed by not logged users, you need to modify the accessRules() functions of your controllers:
public function accessRules()
{
return array(
array('allow',
'actions'=>array(),
'users'=>array('*'),
),
array('allow',
'actions'=>array(),
'users'=>array('@'),
),
array('allow',
'actions'=>array(),
'users'=>array('admin'),
),
array('deny',
'actions'=>array(),
'users'=>array('*'),
),
);
}
In each controller, we have that function, and within it we have that four arrays. Each array declares an access rule. In the 'actions' parameter we specify which actions will be affected that access rule, and in 'users' we specify which users will be allow to access the actions. '*' means all users, authenticated or unauthenticated. '@' means only authenticated users, 'admin' means of course only admin members.
If any 'actions' parameters has no actual actions assigned, then just delete than line:
array('allow',
'users'=>array('admin'),
),
Solution 2
This is same as above but as a component so that it needs to be done only once and all controllers needing security can extend this component.
Add a new component in the components directory (SecurityController.php):
<?php
class SecurityController extends CController {
public $breadcrumbs=array();
public function filters()
{
return array(
'accessControl',
);
}
public function accessRules()
{
return array(
array('allow',
//'actions'=>array('admin','delete','index'),
'users'=>array('admin', '@'),
),
array('deny', // deny all users
'users'=>array('*'),
),
);
}
}
Now ensure all your controllers that need authentication inherits from SecurityController:
<?php
class JSController extends SecurityController {
Solution 3
Okay, I've done it finally.
Here is the code, I've added to the sitecontroller.php
public function filters()
{
return array(
'accessControl',
);
}
public function accessRules()
{
return array(
array('allow', // allow all users to perform only 'login' action
'actions'=>array('login'),
'users'=>array('*'),
),
array('allow', // allow admin user to perform 'admin' AND 'delete' AND 'index' actions
'actions'=>array('admin','delete','index'),
'users'=>array('admin'),
),
array('deny', // deny all users
'users'=>array('*'),
),
);
}
So, it's working now.
thanks to all for your valuable replies
Solution 4
Try it for Forcing Login for All Pages in Yii:
http://www.larryullman.com/2010/07/20/forcing-login-for-all-pages-in-yii/
And for forceful login in the index page you can customize
public function handleBeginRequest($event)
{
if (Yii::app()->user->isGuest && !in_array($_GET['r'],array('site/login'))) {
Yii::app()->user->loginRequired();
}
}
Darshit Gajjar
I'm always eager to learn from others, and more eager to help other :)
Updated on June 04, 2022Comments
-
Darshit Gajjar almost 2 years
I am developing a web using Yii.
When I create a module using gii code generator, it will automatically add authentication to admin page of that particular model and controller.
But I want to add user authentication on index page itself. So, when a user opens website it should ask for login.
I have index.php inside the "view\site\" directory and login.php is also in the same directory.
I have sitecontroller.php in "\controller" directory (as usually)
It's my first project in Yii framework. Someone suggest me how to apply user authentication, when website opens.