Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Yii: Force authenticate

Tags:

php

yii

Is there anyway to force yii to authentify a user by a given username without consulting the database?

My app will use a api to login and until that api is not written, we cant use the app.

Beacause of this api we don't have a user model so, the authentication process cracks when trying to use User::model()

public function authenticate()
{
    if (strpos($this->username,"@")) {
        $user=User::model()->findByAttributes(array('email'=>$this->username));
    } else {
        $user=User::model()->findByAttributes(array('username'=>$this->username));
    }
    if($user===null)
        if (strpos($this->username,"@")) {
            $this->errorCode=self::ERROR_EMAIL_INVALID;
        } else {
            $this->errorCode=self::ERROR_USERNAME_INVALID;
        }
    else if(Yii::app()->getModule('user')->encrypting($this->password)!==$user->password)
        $this->errorCode=self::ERROR_PASSWORD_INVALID;
    else if($user->active==0&&Yii::app()->getModule('user')->loginNotActiv==false)
        $this->errorCode=self::ERROR_STATUS_NOTACTIV;
    else if($user->active==-1)
        $this->errorCode=self::ERROR_STATUS_BAN;
    else {
        $this->_id=$user->id;
        $this->errorCode=self::ERROR_NONE;
        $user->saveState($this);
    }
    return !$this->errorCode;
}
like image 966
Ionut Flavius Pogacian Avatar asked May 29 '26 16:05

Ionut Flavius Pogacian

1 Answers

The following code shows the default UserIdentity.php which yiic generates. It uses hard coded users and password as you want.

<?php

/**
 * UserIdentity represents the data needed to identity a user.
 * It contains the authentication method that checks if the provided
 * data can identity the user.
 */
class UserIdentity extends CUserIdentity
{
    /**
     * Authenticates a user.
     * The example implementation makes sure if the username and password
     * are both 'demo'.
     * In practical applications, this should be changed to authenticate
     * against some persistent user identity storage (e.g. database).
     * @return boolean whether authentication succeeds.
     */
    public function authenticate()
    {
        $users=array(
            // username => password
            'demo'=>'demo',
            'admin'=>'admin',
        );
        if(!isset($users[$this->username]))
            $this->errorCode=self::ERROR_USERNAME_INVALID;
        elseif($users[$this->username]!==$this->password)
            $this->errorCode=self::ERROR_PASSWORD_INVALID;
        else
            $this->errorCode=self::ERROR_NONE;
        return !$this->errorCode;
    }
}
like image 122
Kai Avatar answered Jun 01 '26 07:06

Kai
Sign in to Comment

Related questions

How can I use a php variable in a JSON request body?
How to only make page accessible if user is logged in using php
Troubles with mocking new PHP 8.2 readonly classes with PHPUnit test doubles
PHP str_replace doesnt replace character "°"
$_SESSION variables wont take values
Laravel routing and route parameters
parse_url() does not parse a specific url
Docker container calls binary from another container
How to pass URL parameter from route to middleware?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!