Cook your own User Authentication in Yii – Part 2

In Cook your own User Authentication in Yii – Part 1, we saw how to override the CUserIdentity class to validate a user against our own database table.
In this tutorial, we will see how to extend the CWebUser class so that the details of the logged-in user are available throughout the application via Yii::app()->user, without copying them into the session.

Customising the CWebUser class

Once the user has been validated, in our case against the database, Yii persists only what CWebUser needs between requests: the user id and name returned by the identity, plus any identity states the identity set with setState(). These live in the PHP session, and if allowAutoLogin is enabled they are also serialised into the auto-login cookie, which Yii signs with CSecurityManager (HMAC) but does not encrypt, so anything stored as an identity state can be read by the end user. Keep secrets such as password hashes out of the identity states. The WebUser class below takes a different route: it keeps only the id in the session and re-reads the profile row from the database on demand, so a role change also takes effect on the user's next request rather than at their next login.
So we will create a new component called WebUser in protected/components as follows:
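To make that split concrete, here is the shape of an identity that carries only non-secret values as identity states. This is an added example, not the Part 1 code: it assumes a Users model with username, password (a password_hash() value) and firstname columns, and CPasswordHelper, which needs Yii 1.1.14 or later.

```php
<?php
// Added example, not the Part 1 code. Assumes a Users model with
// 'username', 'password' (a password_hash() value) and 'firstname' columns.
class UserIdentity extends CUserIdentity
{
    private $_id;

    public function authenticate()
    {
        $user = Users::model()->findByAttributes(array('username'=>$this->username));

        if ($user === null) {
            $this->errorCode = self::ERROR_USERNAME_INVALID;
        } elseif (!CPasswordHelper::verifyPassword($this->password, $user->password)) {
            $this->errorCode = self::ERROR_PASSWORD_INVALID;
        } else {
            $this->_id = $user->id;
            // Everything passed to setState() is serialised into $_SESSION by
            // CWebUser::login() and, with allowAutoLogin, into the auto-login
            // cookie, which is HMAC-signed but readable by the browser.
            // A display name is harmless to expose. The state is deliberately
            // not called 'firstName': CWebUser::__get() returns a state before
            // it looks for a getter, so a state of that name would shadow
            // WebUser::getFirstName() with the stale session copy.
            $this->setState('displayName', $user->firstname);
            // A password hash or reset token is not harmless, so a line like
            // the following must never appear here:
            // $this->setState('passwordHash', $user->password);
            $this->errorCode = self::ERROR_NONE;
        }
        return !$this->errorCode;   // ERROR_NONE is 0
    }

    // CWebUser stores this id in the session; the WebUser component uses it
    // to fetch the rest of the profile from the database when asked.
    public function getId()
    {
        return $this->_id;
    }
}
```

The HMAC key used for the cookie is CSecurityManager's validationKey; set it explicitly in the securityManager component if you run more than one server, otherwise Yii generates one per installation under protected/runtime.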

class WebUser extends CWebUser {
    // Cache the Users model so the row is queried at most once per request.
    private $_model;

    // Return first name.
    // access it by Yii::app()->user->firstName (CComponent maps the
    // property to getFirstName(); there is no first_name property)
    public function getFirstName(){
        $user = $this->loadUser();
        return $user===null ? null : $user->firstname;
    }
    public function getFullName(){
        $user = $this->loadUser();
        return $user===null ? null : $user->fullName();
    }
    public function getRole(){
        $user = $this->loadUser();
        return $user===null ? null : $user->role;
    }
    public function getPage(){
        $user = $this->loadUser();
        return $user===null ? null : $user->pagination;
    }
    public function getPasswordExpires(){
        $user = $this->loadUser();
        return $user===null ? null : $user->checkExpiryDate();
    }
    // Compare the 'role' field in the Users model with the
    // Users::ROLE_ADMIN constant; guests and unknown ids are never admins.
    // access it by Yii::app()->user->isAdmin()
    public function isAdmin(){
        $user = $this->loadUser();
        if ($user!==null)
            return intval($user->role) == Users::ROLE_ADMIN;
        else return false;
    }
    // Load the Users model for the logged-in user. $this->getId() is the id
    // that UserIdentity::getId() returned at login and CWebUser kept in the
    // session. Returns null for guests or if the row no longer exists, so
    // every getter above must cope with null rather than dereferencing it.
    protected function loadUser() {
        if($this->_model===null && !$this->getIsGuest())
            $this->_model=Users::model()->findByPk($this->getId());
        return $this->_model;
    }
}


And then in the main configuration file (protected/config/main.php) you will need to point the user component at the new class, for example:

'user'=>array(
    // enable cookie-based authentication
    'allowAutoLogin'=>true,
    'loginUrl' => array('/site/login'),
    'class'=>'WebUser',
),

Our WebUser class extends CWebUser, the class behind the application's user component, and the skeleton configuration already imports application.components.*, so no further registration is needed for the class to be found. When you reference Yii::app()->user you now get our WebUser instance, so anything defined there can be accessed using the syntax

Yii::app()->user->property or Yii::app()->user->function()

e.g. Yii::app()->user->isAdmin() or Yii::app()->user->fullName (a getFoo() method is exposed as the property foo).

Other things to note:

1) Business rules, like the concatenation of the fullName, should be held in the Users model, as I have done here, and then exposed by the WebUser class as a property, Yii::app()->user->fullName.

2) I have introduced a user profile field called 'pagination' which I use to allow users to define how many items are displayed in a GridView. For performance reasons I set a ceiling appropriate for my application in the validation rules of the Users model, so the value read back through Yii::app()->user->page is already bounded.

3) I have updated Part 1 of the tutorial to include a new function in the Users model called checkExpiryDate, so you will need to go back and get that code.

That should now all work, so you can use Yii::app()->user->isAdmin() to gate admin-only actions.
In Part 3, I will add the functionality to manage the user profile, enable the user to change their password, and check for password expiration on login.
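As an added example (not code from the tutorial), here is how the WebUser helpers plug into a controller: the access rules call isAdmin() through CAccessRule's 'expression' option, and the data provider takes its page size from the user's pagination profile field. The controller name, the Post model and the default page size are hypothetical.

```php
<?php
// Added example, not part of the original tutorial. Assumes the WebUser
// component above is registered as Yii::app()->user, that the Users model
// from Part 1 has a 'pagination' column, and that a Post model exists
// (hypothetical).
class AdminController extends CController
{
    public function filters()
    {
        return array('accessControl');
    }

    // Rules are evaluated top to bottom; the first matching rule wins.
    public function accessRules()
    {
        return array(
            // 'expression' is evaluated on every request, and isAdmin()
            // re-reads the role from the database, so demoting an admin
            // takes effect on their next request, not at their next login.
            array('allow',
                'actions'=>array('index', 'users'),
                'expression'=>'Yii::app()->user->isAdmin()',
            ),
            // Everything not explicitly allowed above is denied: guests are
            // redirected to loginUrl, logged-in non-admins receive a 403.
            array('deny', 'users'=>array('*')),
        );
    }

    public function actionIndex()
    {
        // Per-user page size from the profile, with a default for users
        // who have not set one. The ceiling is enforced in the Users model
        // rules, e.g.
        //   array('pagination', 'numerical', 'integerOnly'=>true, 'min'=>5, 'max'=>100),
        // so the value read here is already bounded (assumed limits).
        $pageSize = Yii::app()->user->page;
        if (empty($pageSize)) {
            $pageSize = 20;
        }

        $dataProvider = new CActiveDataProvider('Post', array(
            'pagination'=>array('pageSize'=>(int)$pageSize),
        ));

        $this->render('index', array(
            'dataProvider'=>$dataProvider,
            // getFullName() is reached as a property via CComponent::__get()
            'fullName'=>Yii::app()->user->fullName,
        ));
    }
}
```

Putting the admin check in accessRules rather than inside each action keeps the decision in one place; a new action added to the controller is denied by the final rule until it is listed explicitly.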
