I am a newbie to Yii. I am currently developing a web application where users must login first in order to use our system. how can we guard this line so that whenever users are not loggedin or logout, they will be redirected to the login page?
If you want to restrict authenticated/guest users from controller actions, you can do this by implementing the access control filter and specifying rules using the accessRules method of the controller.
you mean "You should not be implementing this as a system wide thing but on a per controller basis."
I was thinking, if all controller extends from controller which extends Ccontroller, would that be possible to do anything in the Controller class, instead of doing the same in all its sub controllers.
all controllers we create extend from the Controller class, which locates in the protected/component/Controller.php right?
what I mean is that instead of applying rules to sub controllers, like if user is not logged in,then redirect user to login page. why not just apply it to the parent Controller class. this way, we don’t need to do the same logic for sub controllers. hope this is clear…
I personally would not put any access rules in a parent controller because as soon as I want to introduce something as basic as a role, biz rule or some other item, then I have to start calling the parent method, merging arrays etc. and it just looks ugly. I also try not to rely on parent controllers either as to limit decoupling/dependency of classes throughout my applications.
You may also not want authentication for a particular action e.g. site/login site/password-reset and so on, so again, I’d have to start over writing access rules of the parent controller.