Class X2WebUser
CWebUser represents the persistent state for a Web application user.
CWebUser is used as an application component whose ID is 'user'. Therefore,
at any place one can access the user state via
Yii::app()->user.
CWebUser should be used together with an IUserIdentity identity which
implements the actual authentication algorithm.
A typical authentication process using CWebUser is as follows:
- The user provides information needed for authentication.
- An IUserIdentity identity instance is created with the user-provided
information.
- Call IUserIdentity::authenticate to check if the identity is
valid.
- If valid, call CWebUser::login to login the user, and Redirect the
user browser to returnUrl.
- If not valid, retrieve the error code or message from the identity instance
and display it.
The property id and name are both identifiers for the user.
The former is mainly used internally (e.g. primary key), while the latter is for
display purpose (e.g. username). The id property is a unique identifier
for a user that is persistent during the whole user session. It can be a
username, or something else, depending on the implementation of the IUserIdentity identity class.
Both id and name are persistent during the user session.
Besides, an identity may have additional persistent data which can be accessed
by calling CWebUser::getState(). Note, when allowAutoLogin cookie-based
authentication is enabled, all these persistent data will be stored in cookie.
Therefore, do not store password or other sensitive data in the persistent
storage. Instead, you should store them directly in session on the server side
if needed.
-
CComponent
-
CApplicationComponent
implements
IApplicationComponent
-
CWebUser
implements
IWebUser
-
X2WebUser
Methods summary
public
boolean
|
#
checkAccess( string $operation, array $params = array() )
Performs access check for this user.
Performs access check for this user.
Parameters
- $operation
string
$operation the name of the operation that need access check.- $params
array
$params name-value pairs that would be passed to business rules associated with
the tasks and roles assigned to the user. Since version 1.1.11 a param with name
'userId' is added to this array, which holds the value of CWebUser::getId() when
CDbAuthManager or CPhpAuthManager is used. Returns
boolean
whether the operations can be performed by this user.
Overrides
CWebUser::checkAccess()
|
protected
|
#
afterLogin( mixed $fromCookie )
Runs the user_login automation trigger
Runs the user_login automation trigger
Parameters
- $fromCookie
mixed
$fromCookie whether the login was automatic (cookie-based) Overrides
CWebUser::afterLogin()
|
protected
boolean
|
#
beforeLogout( )
Runs the user_logout automation trigger
Runs the user_logout automation trigger
Returns
boolean
whether or not to logout
Overrides
CWebUser::beforeLogout()
|
public
|
#
getRoles( )
Retrieves roles for the user
Retrieves roles for the user
|
Methods inherited from CWebUser
__get(),
__isset(),
__set(),
__unset(),
afterLogout(),
beforeLogin(),
changeIdentity(),
clearStates(),
createIdentityCookie(),
getFlash(),
getFlashes(),
getId(),
getIsGuest(),
getName(),
getReturnUrl(),
getState(),
getStateKeyPrefix(),
hasFlash(),
hasState(),
init(),
loadIdentityStates(),
login(),
loginRequired(),
logout(),
renewCookie(),
restoreFromCookie(),
saveIdentityStates(),
saveToCookie(),
setFlash(),
setId(),
setName(),
setReturnUrl(),
setState(),
setStateKeyPrefix(),
updateAuthStatus(),
updateFlash()
|
Methods inherited from CApplicationComponent
getIsInitialized()
|
Methods inherited from CComponent
__call(),
asa(),
attachBehavior(),
attachBehaviors(),
attachEventHandler(),
canGetProperty(),
canSetProperty(),
detachBehavior(),
detachBehaviors(),
detachEventHandler(),
disableBehavior(),
disableBehaviors(),
enableBehavior(),
enableBehaviors(),
evaluateExpression(),
getEventHandlers(),
hasEvent(),
hasEventHandler(),
hasProperty(),
raiseEvent()
|
Constants inherited from CWebUser
AUTH_ABSOLUTE_TIMEOUT_VAR,
AUTH_TIMEOUT_VAR,
FLASH_COUNTERS,
FLASH_KEY_PREFIX,
STATES_VAR
|
Properties inherited from CWebUser
$absoluteAuthTimeout,
$allowAutoLogin,
$authTimeout,
$autoRenewCookie,
$autoUpdateFlash,
$guestName,
$identityCookie,
$loginRequiredAjaxResponse,
$loginUrl
|
Properties inherited from CApplicationComponent
$behaviors
|
Magic properties inherited from CWebUser
$flashes,
$id,
$isGuest,
$name,
$returnUrl,
$stateKeyPrefix
|
Magic properties inherited from CApplicationComponent
$isInitialized
|