Jump to content
Larry Ullman's Book Forums

Yii Tutorials: Extra Step In Authentication?


Recommended Posts

Hi all,

 

Larry, firstly I'd like to thank you for an awesome set of articles on Yii! They've really helped me come to terms with Yii and MVC!

 

In your article on simple authentication in Yii (http://www.larryullman.com/2010/01/04/simple-authentication-with-the-yii-framework/), you've mentioned that the LoginForm model needs some code in two methods: authenticate(), and login(). authenticate() is used purely to verify that the password is correct, and login() performs the actual login.

 

However, in the sample code you've shown, there is the following code in the authenticate() method:

 

switch($this->_identity->errorCode) {

case UserIdentity::ERROR_NONE:

 

$duration=$this->rememberMe ? 3600*24*30 : 0; // 30 days

Yii::app()->user->login($identity,$duration);

break;

 

So we are also logging in the user if their password is correct. I don't understand why this is being done in authenticate(), if we are also doing this in login(), where we have the following code:

 

if($this->_identity->errorCode === UserIdentity::ERROR_NONE)

{

$duration = $this->rememberMe ? 3600*24*30 : 0; // 30 days

Yii::app()->user->login($this->_identity, $duration);

 

return true;

 

This seems redundant and confusing to me (the authentication section shouldn't log in the user). I've tried removing the code from the authenticate() section, and the login works fine.

 

Am I misunderstanding something? The code for my two functions is available here:

 

http://pastebin.com/LAAPNiD5

 

Thanks!

Link to comment
Share on other sites

First of all, thanks for using the forums instead of posting this question in the comments section of the blog. Very much appreciated (too hard answering complex questions there). Let me review my code and what Yii's doing these days and I'll get back to you.

Link to comment
Share on other sites

  • 2 months later...

So sorry for the delay. I was traveling for most of July and this got lost in the shuffle. My sincerest apologies. Do you still need help with this? If so, I'll get you a fast reply (let me know if any particulars have changed, though).

Link to comment
Share on other sites

 Share

×
×
  • Create New...