Flexible user registration and authentication module for Yii2

1.1 2015-07-16 08:42 UTC

This package is not auto-updated.

Last update: 2024-09-20 21:47:37 UTC


README

Documentation

Installation

The preferred way to install this extension is through composer.

Either run

php composer.phar require infoweb-internet-solutions/yii2-cms-user "*"

or add the following to the require section of your composer.json file

"infoweb-internet-solutions/yii2-cms-user": "*"

Usage

Once the extension is installed, simply modify your backend configuration as follows

return [
    'components' => [
        ...
        // Replace default user component:
        'user' => [
            'identityClass' => 'infoweb\user\models\User',
            'enableAutoLogin' => true,
        ],
        // Add to views
        'view' => [
            'theme' => [
                'pathMap' => [
                    ...
                    '@dektrium/user/views' => '@infoweb/user/views'
                ]
            ]
        ],
    ],
    ...
    'modules' => [
        'user' => [
            'class' => 'dektrium\user\Module',
            'enableUnconfirmedLogin' => true,
            'confirmWithin' => 21600,
            'cost' => 12,
            'admins' => ['infoweb', 'admin'],
            'modelMap' => [
                'User' => 'infoweb\user\models\User',
                'UserSearch' => 'infoweb\user\models\UserSearch',
                'Profile' => 'infoweb\user\models\Profile',
            ],
            'controllerMap' => [
                'admin' => 'infoweb\user\controllers\AdminController',
                'settings' => 'infoweb\user\controllers\SettingsController',
                'security' => 'infoweb\user\controllers\SecurityController',
            ],
            'modules' => [
                // Register the custom module as a submodule
                'infoweb-user' => [
                    'class' => 'infoweb\user\Module'
                ]
            ]
        ],
    ],
    ...
    'as access' => [
        'class' => 'infoweb\user\components\AccessControl',
        'user' => 'infoweb\user\models\WebUser',
        'allowActions' => [
            'user/recovery/*',
            'user/security/logout',
            'user/registration/*'
        ],
    ],
];

To use the module, run the yii migrations

yii migrate/up --migrationPath=@vendor/infoweb-internet-solutions/yii2-cms-user/migrations
yii migrate/up --migrationPath=@vendor/dektrium/yii2-user/migrations

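Separating frontend and backend users

If you want the users of your frontend and backend applications to have separate sessions, you have to update some configuration.

  1. Bootstrap the session component in backend/config/main.php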

    'bootstrap' => ['session'...],
  2. Set the identityCookie of the user component and update the request and session components in backend/config/main.php

    'components' => [
        ...
        'user' => [
            ...          
            'identityCookie' => [
                'name' => '_backendIdentity',
                'path' => '/admin',
                'httpOnly' => true,
            ],
        ],
        ...
        'request' => [
            'class' => 'common\components\Request',
            'web' => '/backend/web',
            'adminUrl' => '/admin',
            'csrfParam' => '_backendCSRF',
        ],
        'session' => [
            'name' => 'PHPSESSID',
            'cookieParams' => [
                'httpOnly' => true,
                'path' => '/admin',
            ],
        ],
        ...
    ]
  3. Bootstrap the session component in frontend/config/main.php

    'bootstrap' => ['session'...],
  4. Update the user, request and session components in frontend/config/main.php

    ...
    'user' => [
        'identityClass' => 'infoweb\user\models\frontend\User',
        'enableAutoLogin' => true,
        'identityCookie' => [
            'name' => '_frontendIdentity',
            'path' => '/',
            'httpOnly' => true,
        ],
    ],
    'request'=>[
        'class' => 'common\components\Request',
        'web' => '/frontend/web',
        'csrfParam' => '_frontendCSRF',
    ],
    'session' => [
        'name' => 'PHPFRONTSESSID',
        'cookieParams' => [
            'httpOnly' => true,
            'path' => '/',
        ],
    ],
    ...
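  5. At this point you can implement the models/frontend/LoginForm.php and models/frontend/SignupForm.php models and create views and controller actions for them.

  6. Your frontend controllers must implement some form of access control that determines which actions frontend users are allowed to perform. This can be done with RBAC roles or by implementing an access filter as a behavior.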

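// At the top of the controller file:
use yii\filters\AccessControl;
use yii\filters\VerbFilter;

// Inside the controller class:
public function behaviors()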
{
    return [
        'access' => [
            'class' => AccessControl::className(),
            'rules' => [                    
                // Login and signup pages are accessible for guests
                [
                    'actions' => ['login','signup', 'request-password-reset'],
                    'allow' => true,
                    'roles' => ['?','@'],
                ],
                // Logout page is accessible for authenticated users
                [
                    'actions' => ['logout'],
                    'allow' => true,
                    'roles' => ['@'],
                ],
                // These actions are accessible for authenticated users
                [
                    'actions' => [...],
                    'allow' => true,
                    'roles' => ['@'],
                ],
                ...
            ],
            // If access is denied, redirect to the login page
            'denyCallback' => function ($rule, $action) {
                $this->redirect(['/'])->send();
            }
        ],
        'verbs' => [
            'class' => VerbFilter::className(),
            'actions' => [
                'logout' => ['post'],
            ],
        ],
    ];
}
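
The cookie scoping set up in steps 2 and 4 can be checked with the sketch below, which applies the RFC 6265 path-match rule to the four cookie names and paths from those configs. It is an added example, not code from this package; the function names and the request paths are assumptions made for illustration.

```javascript
// Cookie names and paths copied from the backend and frontend configs above.
const cookies = [
  { name: '_backendIdentity',  path: '/admin' },
  { name: 'PHPSESSID',         path: '/admin' },
  { name: '_frontendIdentity', path: '/' },
  { name: 'PHPFRONTSESSID',    path: '/' },
];

// RFC 6265 section 5.1.4 path-match: the cookie path must equal the request
// path, or be a prefix of it that either ends in "/" or is followed by "/".
function pathMatches(requestPath, cookiePath) {
  if (requestPath === cookiePath) return true;
  if (!requestPath.startsWith(cookiePath)) return false;
  return cookiePath.endsWith('/') || requestPath[cookiePath.length] === '/';
}

// Names of the cookies a browser attaches to a request for requestPath.
function cookiesSentTo(requestPath) {
  return cookies
    .filter((c) => pathMatches(requestPath, c.path))
    .map((c) => c.name);
}

// Constructed request paths (assumptions, not taken from the README).
for (const p of ['/site/index', '/admin/user/admin/index', '/administrator']) {
  console.log(p, '->', cookiesSentTo(p).join(', '));
}
```

Backend cookies never reach frontend URLs, but the frontend cookies (path `/`) are also sent with every `/admin` request, so the separation in that direction depends on the distinct cookie names and identity classes, not on the path.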