You are viewing revision #3 of this wiki article.
This version may not be up to date with the latest version.
You may want to view the differences to the latest version or see the changes made in this revision.
By default, the expression Yii::app()->user returns a [CWebUser] [application component](http://www.yiiframework.com/doc/guide/basics.application#application-component) which represents the information that are closely related with the current user. Some information can be persistent throughout the current user session. For example, [CWebUser] already comes with a [name|CWebUser::name] property that stores the username of the current user.
In order to store more information, we need to modify the [identity|IUserIdentity] class used together with [CWebUser]. Each application may have one or several identity classes which are mainly responsible to provide ways of performing user authentication.
Here we use the UserIdentity
class included in the testdrive
application as an example, assuming our goal is to add the ID and the last login time of the user to [CWebUser]. We would modify UserIdentity
as follows,
class UserIdentity extends CUserIdentity
{
private $_id;
public function authenticate()
{
$user=User::model()->findByAttributes(array('username'=>$this->username));
if($user===null)
$this->errorCode=self::ERROR_USERNAME_INVALID;
else if($user->password!==md5($this->password))
$this->errorCode=self::ERROR_PASSWORD_INVALID;
else
{
$this->_id=$user->id;
$this->setState('lastLoginTime', $user->lastLoginTime);
$this->errorCode=self::ERROR_NONE;
}
return !$this->errorCode;
}
public function getId()
{
return $this->_id;
}
}
In the above, during authentication we retrieve the ID and the last login time information of the authenticated user. We save the ID in a private variable $_id
and save lastLoginTime
in a state by calling setState()
. The reason that we use different approaches to save id
and lastLoginTime
is because id
is a pre-defined property that is recognized by [CWebUser]. If we want to store more information, we should use setState()
, like we do with lastLoginTime
.
We also override the getId()
method to return the private variable $_id
. The parent implementation is to return the username.
That's all we need. Now if we want to retrieve the id
or lastLoginTime
information in our code, we can do the following:
$id=Yii::app()->user->id;
$lastLoginTime=Yii::app()->user->lastLoginTime;
// If you are using version 1.0.2 or earlier, you should use the following:
// $lastLoginTime=Yii::app()->user->getState('lastLoginTime');
Note: When cookie-based authentication is enabled (by setting [CWebUser::allowAutoLogin] to be true), these persistent information will be stored in cookie. Therefore, you should NOT store sensitive information (e.g. password) like we do in the above.
Setting are stored in cookies!
Please, pay close attention, to what article author said: "When cookie-based authentication is enabled, these persistent information will be stored IN COOKIE".
It means, that if you're doing some changes to authentication area, you MUST logout before. If not, application will be taking these persistent information out of cookie, and you will be flooded with messages that CWebUser.lastLoginTime (in this example) is not defined!
Logout, login again and all problems auto-magically are gone! :]
Qiang please help
Hi qiang,
I got the error the Trejder mentioned above , but we are not changed anything , can you please advice what happened ? is anything related to browser ?
Topic Link http://www.yiiframework.com/forum/index.php/topic/57670-where-we-use-setstate/
If you have any questions, please ask in the forum instead.
Signup or Login in order to comment.