Yii framework: Remove demo/admin accounts

Question

So i am learning the Yii Framework, and there is that thing with the built in admin/demo accounts when you first create the sceleton application. I would like to remove them cause even after uplodet to my webserver i can still log in with them. So where can i remove that please?

Answer 1

under protected/components you'll find UserIdentity.php, the users and their passwords will be declared in the authenticate function using an array.

public function authenticate()
{
    $users=array(
        // username => password
        'demo'=>'demo',
        'admin'=>'admin',
    );

More specific info on how to use authentication in Yii can be found at the authentication and authorisation subsection of the official Yii documentation

Answer 2

In the folder protected/components/ you'll have a file UserIdentity.php that's where these default logins appear, you can change/remove them.

You can use your db to authenticate against your users table, somewhat like this:

class UserIdentity extends CUserIdentity
{
 private $_id;
 public function authenticate()
 {
     $record=User::model()->findByAttributes(array('username'=>$this->username));
     if($record===null)
         $this->errorCode=self::ERROR_USERNAME_INVALID;
     else if($record->password!==md5($this->password))
         $this->errorCode=self::ERROR_PASSWORD_INVALID;
     else
     {
         $this->_id=$record->id;
         $this->setState('title', $record->title);
         $this->errorCode=self::ERROR_NONE;
     }
     return !$this->errorCode;
 }

 public function getId()
 {
     return $this->_id;
 }
}

Check this article in the guide.