Backend DevelopmentPHP TutorialYii2 framework implements login, logout and automatic login functions
This article mainly introduces the method of Yii2 framework to implement login, logout and automatic login functions. It analyzes in detail the principle, implementation method and related operation precautions of Yii2 framework to realize login, logout and automatic login functions in the form of examples. Friends in need You can refer to it, I hope it can help everyone.
The example in this article describes how the Yii2 framework implements login, logout and automatic login functions. Share it with everyone for your reference, the details are as follows:
The principle of automatic login is very simple. Mainly achieved by using cookies
When logging in for the first time, if the login is successful and automatic login next time is selected, the user's authentication information will be saved in the cookie, and the cookie's validity period is 1 years or months.
The next time you log in, first determine whether the user's information is stored in the cookie. If so, use the user information stored in the cookie to log in.
Configure the User component
First set the user component in the components of the configuration file
'user' => [ 'identityClass' => 'app\models\User', 'enableAutoLogin' => true, ],
We see that enableAutoLogin is used To determine whether to enable the automatic login function, this has nothing to do with the next automatic login on the interface.
Only when enableAutoLogin is true, if you choose to log in automatically next time, the user information will be stored in a cookie and the validity period of the cookie will be set to 3600*24 *30 seconds for next login
Now let’s take a look at how it is implemented in Yii.
1. Save cookies when logging in for the first time
1. Login login function
public function login($identity, $duration = 0)
{
if ($this->beforeLogin($identity, false, $duration)) {
$this->switchIdentity($identity, $duration);
$id = $identity->getId();
$ip = Yii::$app->getRequest()->getUserIP();
Yii::info("User '$id' logged in from $ip with duration $duration.", __METHOD__);
$this->afterLogin($identity, false, $duration);
}
return !$this->getIsGuest();
}Here, simply log in, and then execute the switchIdentity method to set the authentication information.
2. SwitchIdentity sets authentication information
public function switchIdentity($identity, $duration = 0)
{
$session = Yii::$app->getSession();
if (!YII_ENV_TEST) {
$session->regenerateID(true);
}
$this->setIdentity($identity);
$session->remove($this->idParam);
$session->remove($this->authTimeoutParam);
if ($identity instanceof IdentityInterface) {
$session->set($this->idParam, $identity->getId());
if ($this->authTimeout !== null) {
$session->set($this->authTimeoutParam, time() + $this->authTimeout);
}
if ($duration > 0 && $this->enableAutoLogin) {
$this->sendIdentityCookie($identity, $duration);
}
} elseif ($this->enableAutoLogin) {
Yii::$app->getResponse()->getCookies()->remove(new Cookie($this->identityCookie));
}
}This method is more important and needs to be called when exiting.
This method mainly has three functions
① Set the validity period of the session
② If the validity period of the cookie is greater than 0 and automatic login is allowed, then save the user's authentication information to
in cookie ③ If automatic login is allowed, delete the cookie information. This is called when exiting. The $identity passed in when exiting is null
protected function sendIdentityCookie($identity, $duration)
{
$cookie = new Cookie($this->identityCookie);
$cookie->value = json_encode([
$identity->getId(),
$identity->getAuthKey(),
$duration,
]);
$cookie->expire = time() + $duration;
Yii::$app->getResponse()->getCookies()->add($cookie);
}The user information stored in the cookie contains three values:
$identity->getId()<br>$identity->getAuthKey()<br>$duration
getId() and getAuthKey() are in IdentityInterfaceIn the interface. We also know that when setting up the User component, the User Model must implement the IdentityInterface interface. Therefore, you can get the first two values in the User Model, and the third value is the validity period of the cookie.
2. Automatically log in from cookie
From the above we know that the user’s authentication information has been stored in the cookie, so next time Just get the information directly from the cookie and set it.
1. AccessControl user access control
Yii provides AccessControl to determine whether the user is logged in. With this, there is no need to judge in each action
public function behaviors()
{
return [
'access' => [
'class' => AccessControl::className(),
'only' => ['logout'],
'rules' => [
[
'actions' => ['logout'],
'allow' => true,
'roles' => ['@'],
],
],
],
];
}2. getIsGuest and getIdentity determine whether to authenticate the user
isGuest is the most important attribute in the automatic login process.
In the above AccessControl access control, use the IsGuest attribute to determine whether it is an authenticated user, and then call getIdentity in the getIsGuest method Get the user information. If it is not empty, it means that it is an authenticated user, otherwise it is a visitor (not logged in).
public function getIsGuest($checkSession = true)
{
return $this->getIdentity($checkSession) === null;
}
public function getIdentity($checkSession = true)
{
if ($this->_identity === false) {
if ($checkSession) {
$this->renewAuthStatus();
} else {
return null;
}
}
return $this->_identity;
}3. renewAuthStatus Regenerates user authentication information
protected function renewAuthStatus()
{
$session = Yii::$app->getSession();
$id = $session->getHasSessionId() || $session->getIsActive() ? $session->get($this->idParam) : null;
if ($id === null) {
$identity = null;
} else {
/** @var IdentityInterface $class */
$class = $this->identityClass;
$identity = $class::findIdentity($id);
}
$this->setIdentity($identity);
if ($this->authTimeout !== null && $identity !== null) {
$expire = $session->get($this->authTimeoutParam);
if ($expire !== null && $expire < time()) {
$this->logout(false);
} else {
$session->set($this->authTimeoutParam, time() + $this->authTimeout);
}
}
if ($this->enableAutoLogin) {
if ($this->getIsGuest()) {
$this->loginByCookie();
} elseif ($this->autoRenewCookie) {
$this->renewIdentityCookie();
}
}
}Pass this part first Session is used to determine the user, because the user already exists in the session after logging in. Then determine if it is an automatic login, then log in through the cookie information.
4. Log in through the saved cookie information loginByCookie
##
protected function loginByCookie()
{
$name = $this->identityCookie['name'];
$value = Yii::$app->getRequest()->getCookies()->getValue($name);
if ($value !== null) {
$data = json_decode($value, true);
if (count($data) === 3 && isset($data[0], $data[1], $data[2])) {
list ($id, $authKey, $duration) = $data;
/** @var IdentityInterface $class */
$class = $this->identityClass;
$identity = $class::findIdentity($id);
if ($identity !== null && $identity->validateAuthKey($authKey)) {
if ($this->beforeLogin($identity, true, $duration)) {
$this->switchIdentity($identity, $this->autoRenewCookie ? $duration : 0);
$ip = Yii::$app->getRequest()->getUserIP();
Yii::info("User '$id' logged in from $ip via cookie.", __METHOD__);
$this->afterLogin($identity, true, $duration);
}
} elseif ($identity !== null) {
Yii::warning("Invalid auth key attempted for user '$id': $authKey", __METHOD__);
}
}
}
}Read the cookie value first, and then$data = json_decode($value, true);Deserialize into an array.
findIdentity and validateAuthKey must be implemented in the User Model.
After logging in, you can also reset the validity period of the cookie, so that it will be valid all the time.$this->switchIdentity($identity, $this->autoRenewCookie ? $duration : 0);
3. Exit logout
public function logout($destroySession = true)
{
$identity = $this->getIdentity();
if ($identity !== null && $this->beforeLogout($identity)) {
$this->switchIdentity(null);
$id = $identity->getId();
$ip = Yii::$app->getRequest()->getUserIP();
Yii::info("User '$id' logged out from $ip.", __METHOD__);
if ($destroySession) {
Yii::$app->getSession()->destroy();
}
$this->afterLogout($identity);
}
return $this->getIsGuest();
}
public function switchIdentity($identity, $duration = 0)
{
$session = Yii::$app->getSession();
if (!YII_ENV_TEST) {
$session->regenerateID(true);
}
$this->setIdentity($identity);
$session->remove($this->idParam);
$session->remove($this->authTimeoutParam);
if ($identity instanceof IdentityInterface) {
$session->set($this->idParam, $identity->getId());
if ($this->authTimeout !== null) {
$session->set($this->authTimeoutParam, time() + $this->authTimeout);
}
if ($duration > 0 && $this->enableAutoLogin) {
$this->sendIdentityCookie($identity, $duration);
}
} elseif ($this->enableAutoLogin) {
Yii::$app->getResponse()->getCookies()->remove(new Cookie($this->identityCookie));
}
}
退出的时候先把当前的认证设置为null,然后再判断如果是自动登录功能则再删除相关的cookie信息。
相关推荐:
The above is the detailed content of Yii2 framework implements login, logout and automatic login functions. For more information, please follow other related articles on the PHP Chinese website!
如何在 Windows PC 上修复 Steam 登录错误 E84Jun 28, 2023 am 08:20 AMSteam登录错误E84是Steam用户在多次登录尝试中遇到的常见登录。如果您无法登录Steam,则无法执行任何有用的操作。如果您不先处理此E84登录错误,您将面临大量问题。初步解决方法–1.如果您是第一次在Steam中遇到此E84错误,重新启动系统可能会修复它。关闭Steam应用程序。将其从系统托盘中退出。然后,重新启动系统并重试整个过程。2.检查互联网连接是否有故障。如果您的互联网连接速度较慢,Steam登录可能会引发E84。修复1–将noreactlogin添加到Steam可执行文件您必须
1.1.1.1上网认证系统怎么登录Apr 20, 2023 am 10:44 AM1.1.1.1上网认证系统登录方法:1、搜索校园网无线信号并连接;2、打开浏览器,在弹出的身份验证界面选择“自助服务”;3、输入用户名和初始密码进行登录;4、完善个人信息并设置为强密码即可。
为什么wallpaperengine退出后壁纸没了Mar 12, 2024 pm 05:40 PM用户使用wallpaperengine可以获得各种壁纸,有很多用户不知道为什么wallpaperengine退出后壁纸没了,动态壁纸必须在你所安装壁纸的软件开启的情况下才会运行在桌面上。为什么wallpaperengine退出后壁纸没了1、动态壁纸必须在你所安装壁纸的软件开启的情况下才会运行在桌面上。2、wallpaperengine是覆盖原来的壁纸,退出当然就没了。3、关了之后壁纸还在除非文件格式是图片类型的,可以通过一些手段获取,不过这样不是动态的。4、Windows里没有用视频或动态图当壁
微软账号的退出教程:如何退出Win11账号Dec 25, 2023 pm 08:04 PM在此前的win11更新中,我们可以跳过微软账户的登录,但是最新的win11家庭版强制用户登录微软账号才能进行安装,但是登录微软账号会带来很多麻烦,很多朋友想在安装完成后退出,下面小编就来教大家一下退出方法吧。win11怎么退出微软账号1、首先点击下方的开始菜单,在其中找到“设置”,如图所示。2、在设置界面中找到“用户”或“accounts”选项。3、在用户界面中找到“改用本地账户登录”,一行蓝色文字。4、然后只要输入我们本地账户的密码就可以登录本地账户,退出微软账号了。
教您win7登陆了怎么查看电脑密码Jul 11, 2023 pm 08:41 PM在我们使用win7操作系统的过程中,我们通常会给电脑设置一个密码。最近就有小伙伴想要了解win7登陆了怎么查看电脑密码,其实win7查看电脑密码的方法非常简单。今天小编就来告诉大家win7查看电脑密码怎么操作。下面就让我们一起来看看吧!win7查看电脑密码的方法:1、按下win键+r键,输入rundll32netplwiz.dll,UsersRunDll,然后点击确定。2、取消勾选“要使用本机,用户必须输入用户名和密码”3、取消后点击确定,在弹出的对话框中不要输入你想让电脑每次自动登录的账户和密
如何通过JavaScript实现免登录功能Jun 15, 2023 pm 10:43 PM在许多网络应用程序中,登录是一项必须的操作。然而,在一些情况下,尤其是在一些无需提供极高安全性的应用程序中,我们可以实现免登录功能,减轻用户登录的时间和操作次数。下面我们将介绍如何通过Javascript实现免登录功能。步骤一:使用cookie存储登录状态Cookies是一种为Web提供的数据存储方式,它可以将数据存储在用户本地计算机中。通过设置cookie
美团互助怎么退出_美团退出互助步骤流程Mar 28, 2024 pm 03:01 PM1、登录美团账号后首先需要点击【我的】功能。2、进入到【我的】页面后,接着再点击页面中的【进入钱包】功能。3、此时会弹出【美团钱包】页面,之后下拉页面到底部后在【更多服务】栏中点击【美团互助】功能。4、这时会进入到【美团互助】页面,接着再点击该页面的【查看详情】功能。5、进入到【互助详情】页面后再次把这个页面下拉到最底部,然后点击【放弃保障】功能。6、此时会弹出一个对话框,接着点击对话框中的【坚决退出】功能,这样就成功的退出美团互助了。
抖音粉丝团有什么用?别人的粉丝团怎样退出?Apr 01, 2024 am 09:51 AM随着移动互联网的迅猛发展,社交媒体成为人们生活中不可或缺的一部分。而作为其中最受欢迎的社交平台之一,抖音以其短视频内容和生动有趣的创意赢得了广大用户的喜爱。在抖音上,很多用户都会加入各种粉丝团,那么抖音粉丝团究竟有什么用呢?一、抖音粉丝团有什么用?抖音粉丝团为用户提供了一个聚集兴趣爱好者的社区。在这个社区里,用户可以找到与自己志同道合的人,共同探讨和分享感兴趣的话题。无论是追星族、音乐爱好者还是美食达人,只要你有相同的兴趣爱好,就能够在抖音粉丝团中找到属于自己的小圈子。抖音粉丝团也为用户提供了一
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Atom editor mac version download
The most popular open source editor
MantisBT
Mantis is an easy-to-deploy web-based defect tracking tool designed to aid in product defect tracking. It requires PHP, MySQL and a web server. Check out our demo and hosting services.
Dreamweaver Mac version
Visual web development tools
PhpStorm Mac version
The latest (2018.2.1) professional PHP integrated development tool
Safe Exam Browser
Safe Exam Browser is a secure browser environment for taking online exams securely. This software turns any computer into a secure workstation. It controls access to any utility and prevents students from using unauthorized resources.
