Yii:强制认证

时间:2013-11-14 10:09:38

标签: php yii

无论如何都要强制yii在不咨询数据库的情况下通过给定的用户名对用户进行身份验证?

我的应用会使用api登录,直到api未写入,我们无法使用app

由于此api我们没有user模型,因此在尝试使用User::model()时验证过程会崩溃

public function authenticate()
{
    if (strpos($this->username,"@")) {
        $user=User::model()->findByAttributes(array('email'=>$this->username));
    } else {
        $user=User::model()->findByAttributes(array('username'=>$this->username));
    }
    if($user===null)
        if (strpos($this->username,"@")) {
            $this->errorCode=self::ERROR_EMAIL_INVALID;
        } else {
            $this->errorCode=self::ERROR_USERNAME_INVALID;
        }
    else if(Yii::app()->getModule('user')->encrypting($this->password)!==$user->password)
        $this->errorCode=self::ERROR_PASSWORD_INVALID;
    else if($user->active==0&&Yii::app()->getModule('user')->loginNotActiv==false)
        $this->errorCode=self::ERROR_STATUS_NOTACTIV;
    else if($user->active==-1)
        $this->errorCode=self::ERROR_STATUS_BAN;
    else {
        $this->_id=$user->id;
        $this->errorCode=self::ERROR_NONE;
        $user->saveState($this);
    }
    return !$this->errorCode;
}

1 个答案:

答案 0 :(得分:3)

以下代码显示了yiic生成的默认UserIdentity.php。它根据您的需要使用硬编码用户和密码。

<?php

/**
 * UserIdentity represents the data needed to identity a user.
 * It contains the authentication method that checks if the provided
 * data can identity the user.
 */
class UserIdentity extends CUserIdentity
{
    /**
     * Authenticates a user.
     * The example implementation makes sure if the username and password
     * are both 'demo'.
     * In practical applications, this should be changed to authenticate
     * against some persistent user identity storage (e.g. database).
     * @return boolean whether authentication succeeds.
     */
    public function authenticate()
    {
        $users=array(
            // username => password
            'demo'=>'demo',
            'admin'=>'admin',
        );
        if(!isset($users[$this->username]))
            $this->errorCode=self::ERROR_USERNAME_INVALID;
        elseif($users[$this->username]!==$this->password)
            $this->errorCode=self::ERROR_PASSWORD_INVALID;
        else
            $this->errorCode=self::ERROR_NONE;
        return !$this->errorCode;
    }
}