Where do i override authentication method in yii?

Question

I need to override both authentication (for when user's trying to logging in) and also the function is being used to check if the user is logged in in the header of the application (the function that check the sessions and cookie to check if the user is logged in) but i don't know where are these methods? and also i don't know how to find where are these methods!

** The reason of ovveride is to also check a Flag, if the flag is FLASE don't authenticate the user, or even if the user is also authenticated on page change (header reload) log-out the user if the flag changed to FLASE**

It would be appreciated if you also helping me to find adequate references that can help me in similar situations beside yii/wiki and google i tried them :)

Regards,

Answer 1

1. For custom authentication extend CUserIdentity class:

   app/components/UserIdentity.php

   <?php
   class UserIdentity extends CUserIdentity
   {
       const ERROR_USER_NOT_APPOVED=200;
   
       private $_id;
   
       /**
        * Authenticates a user.
        *
        * @return boolean whether authentication succeeds.
        */
       public function authenticate()
       {
           $criteria = new CDbCriteria;
           $criteria->condition = 'LOWER(email.email)=LOWER(:email)';
           $criteria->params = array(':email' => $this->username);
           $member = Member::model()
                       ->with('email')
                       ->together()
                       ->find($criteria);
   
           if ($member === null) {
               $this->errorCode = self::ERROR_USERNAME_INVALID;
           } elseif (!hash::check($this->password, $member->pass_hash)) {
               $this->errorCode = self::ERROR_PASSWORD_INVALID;
           } elseif (! $member->is_approved) {
               $this->errorCode = self::ERROR_USER_NOT_APPOVED;
           } else {
               $this->_id = $member->id;
               $this->username = $member->full_name;
   
               $this->setState('email', $member->email->email);
   
               $this->errorCode = self::ERROR_NONE;
           }
   
           return !$this->errorCode;
       }
   
       /**
        * @return integer the ID of the user record
        */
       public function getId()
       {
           return $this->_id;
       }
   }
   

   then create custom form (app/models/MainLoginForm.php):

   <?php
   
   /**
    * MainLoginForm class.
    * MainLoginForm is the data structure for keeping
    * user login form data.
    */
   class MainLoginForm extends CFormModel
   {
       public $email;
       public $password;
       public $rememberMe;
   
       /**
        * Declares the validation rules.
        * The rules state that email and password are required,
        * and password needs to be authenticated.
        */
       public function rules()
       {
           return array(
               array('email', 'filter', 'filter' => 'trim'),
               array('email', 'required',
                   'message' => Yii::t('auth', 'Email address is required.')),
               array('email', 'email',
                   'message' => Yii::t('auth', 'Enter a valid Email address.')),
   
               array('password', 'required',
                   'message' => Yii::t('auth', 'Password is required.')),
   
               // password needs to be authenticated
               array('password', 'authenticate'),
   
               array('rememberMe', 'safe'),
           );
       }
   
       /**
        * Declares attribute labels.
        */
       public function attributeLabels()
       {
          return array(
             'email'       => Yii::t('auth', 'Email Address'),
             'password'    => Yii::t('auth', 'Password'),
             'rememberMe'  => Yii::t('auth', 'Remember me.'),
          );
       }
   
       /**
        * Authenticates the password.
        * This is the 'authenticate' validator as declared in rules().
        */
       public function authenticate($attribute, $params)
       {
           // we only want to authenticate when no input errors
           if (! $this->hasErrors()) {
               $identity = new UserIdentity($this->email, $this->password);
               $identity->authenticate();
               switch ($identity->errorCode) {
                   case UserIdentity::ERROR_NONE:
                       $duration = ($this->rememberMe)
                           ? 3600*24*14 // 14 days
                           : 0; // login till the user closes the browser
                       Yii::app()->user->login($identity, $duration);
                       break;
   
                   default:
                       // UserIdentity::ERROR_USERNAME_INVALID
                       // UserIdentity::ERROR_PASSWORD_INVALID
                       // UserIdentity::ERROR_MEMBER_NOT_APPOVED
                       $this->addError('', Yii::t('auth',
                           'Incorrect username/password combination.'));
                       break;
               }
           }
       }
   }
   

   and finally update your login method (actionLogin):

   $form = new MainLoginForm;
   if (isset($_POST['MainLoginForm'])) {
       $form->attributes = $_POST['MainLoginForm'];
       $valid = $form->validate();
       if ($valid) {
           // redirect
       }
   }
   

2. For auto logout you can extend CController:

   app/components/MainBaseController.php

   <?php
   
   class MainBaseController extends CController
   {
       public $settings = array();
   
       public function init()
       {
           parent::init();
   
           // set global settings
           // $this->settings = ...
   
           if (YOUR_FLAG_VALIDATION AND !Yii::app()->user->isGuest) {
               Yii::app()->user->logout();
           }
       }
   }
   

   and then use custom base controll:

   class YourController extends MainBaseController 
   {
       ....
   }