Jonathon Posted January 7, 2012 Share Posted January 7, 2012 (edited) Hi Larry, I have made some progress with this query, so I think you can probably skip to the bottom of this thread (I hope) I've been looking at authenticating my Yii login, this is currently How i've gone about it: login.php <div class="form"> <?php $form=$this->beginWidget('CActiveForm', array( 'id'=>'login-form', //'enableClientValidation'=>true, //'enableAjaxValidation'=>true, 'clientOptions'=>array( 'validateOnSubmit'=>true, ), )); ?> <div class="row"> <?php echo $form->labelEx($model,'email'); ?> <?php echo $form->textField($model,'email'); ?> <?php echo $form->error($model,'email'); ?> </div> <div class="row"> <?php echo $form->labelEx($model,'password'); ?> <?php echo $form->passwordField($model,'password'); ?> <?php echo $form->error($model,'password'); ?> </div> <div class="row buttons"> <?php echo CHtml::submitButton('Login'); ?> </div> <?php $this->endWidget(); ?> LoginForm.php <?php /** * LoginForm class. * LoginForm is the data structure for keeping * user login form data. It is used by the 'login' action of 'SiteController'. */ class LoginForm extends CFormModel { public $email; public $password; private $_identity; /** * Declares the validation rules. * The rules state that username and password are required, * and password needs to be authenticated. */ public function rules() { return array( // email and password are required array('email, password', 'required'), array('email', 'email'), array('password', 'authenticate'), ); } /** * Declares attribute labels. */ public function attributeLabels() { return array( 'rememberMe'=>'Remember me next time', ); } /** * Authenticates the password. * This is the 'authenticate' validator as declared in rules(). */ public function authenticate($attribute,$params) { if(!$this->hasErrors()) { $this->_identity=new UserIdentity($this->email,$this->password); if(!$this->_identity->authenticate()) $this->addError('password','Incorrect email or password'); } } /** * Logs in the user using the given username and password in the model. * @return boolean whether login is successful */ public function login() { if($this->_identity===null) { $this->_identity=new UserIdentity($this->username,$this->password); $this->_identity->authenticate(); } if($this->_identity->errorCode===UserIdentity::ERROR_NONE) { /* $duration=$this->rememberMe ? 3600*24*30 : 0; // 30 days Yii::app()->user->login($this->_identity,$duration); return true; */ } else return false; } } UserIdentity.php class UserIdentity extends CUserIdentity { // Need to store the user's ID: private $_id; /** * Authenticates a user. * The example implementation makes sure if the username and password * are both 'demo'. * In practical applications, this should be changed to authenticate * against some persistent user identity storage (e.g. database). * @return boolean whether authentication succeeds. */ public function authenticate() { $user = Users::model()->findByAttributes(array('email'=>$this->username)); if ($user===null) { // No user found! $this->errorCode=self::ERROR_USERNAME_INVALID; } else if ($user->password !== SHA1($this->password) ) { // Invalid password! $this->errorCode=self::ERROR_PASSWORD_INVALID; } else { // Okay! $this->errorCode=self::ERROR_NONE; // Store the role in a session: $this->setState('type', $user->type); $this->_id = $user->id; } return !$this->errorCode; } public function getId() { return $this->_id; } } Currently when I try the user and password I get "Property "Users.password" is not defined." and this line is highlighted in this trace "} else if ($user->password !== SHA1($this->password) ) { // Invalid password!" and " if(!$this->_identity->authenticate())" I changed the line to read } else if ($user->pass !== SHA1($this->password) ) { // Invalid password! Which i think now matches up with the columns in my DB is that right? I dont get errors when trying to log in but trying <?php echo Yii::app()->user->type; ?> results in: CWebUser.type and i cant seem to get the user ID back either? Could you explain, where i've gone wrong please, when you have a minute? (My password field in the DB is `pass` and i'm checking it against a `email` field and i have a `type` field for their role) Edited January 8, 2012 by Jonathon Link to comment Share on other sites More sharing options...
Jonathon Posted January 8, 2012 Author Share Posted January 8, 2012 I seem to have worked out logging in. I have been using: <?php if(Yii::app()->user->isGuest) echo 'Guest'; ?> To see if a user is a guest. Which is always visible, except when I login in the first time. If I enter my password and email "Guest" doesn't appear (success (in part), I can also echo out the type of role the user has on that script). But as soon and I go to another page, like home or even just reload the login page again "Guest" returns, this suggests to me that the $_SESSION is being reset after each load or wiped, is this me? My sessions are configured like this: 'session' => array ( 'autoStart' => true, 'sessionName' => 'My nice session name', //'cookieMode' => 'only', //'savePath' => '/path/to/new/directory', ), Thanks in advance as always Link to comment Share on other sites More sharing options...
Larry Posted January 9, 2012 Share Posted January 9, 2012 Have you confirmed the session ID isn't changing? Link to comment Share on other sites More sharing options...
Jonathon Posted January 9, 2012 Author Share Posted January 9, 2012 No I hadn't so I went and looked through your working with sessions, it is changing on every page load. I am discovering that debugging in a framework is quite a difference to standard debugging. Link to comment Share on other sites More sharing options...
Larry Posted January 9, 2012 Share Posted January 9, 2012 Yes, debugging a framework is definitely different! A good framework will do 80% of the work for you, but that last 20% can be quite the chore! Link to comment Share on other sites More sharing options...
Jonathon Posted January 9, 2012 Author Share Posted January 9, 2012 Yes indeed, I shall get there I hope! In terms of this problem then, do you have any ideas as to how to over come this, I've changed the session path and everything is being written to the folder, I've also checked the cookies in the web developer tool (I uncommented 'cookieMode' => 'only') . My config settings seem to be ok in that sense, going from your "Working with Sessions in Yii" posts. I'm fairly convinced the login process itself is working ok too, so I am somewhat baffled as to areas where the issue will be? Link to comment Share on other sites More sharing options...
Larry Posted January 11, 2012 Share Posted January 11, 2012 I guess I would start by undoing all configuration settings that apply to sessions and see if that fixes the problem. Then you'd know where to start hunting at least. Link to comment Share on other sites More sharing options...
Jonathon Posted January 18, 2012 Author Share Posted January 18, 2012 Thanks Larry, Sorry I havent looked at this for a while, but I took your advice and everything I had in the session config components were making the session rest, all except the cookie only part. Really weird, even the session path (which is correct) and the session name just on their own seemed to bring the problem back. I guess for now i'll just leave the cosmetics till the end and focus on the functionality. Congratulations on the JavaScript book - get some rest!!!!! Link to comment Share on other sites More sharing options...
Recommended Posts