I’ve been using Yii 1.x for my current applications and they all authenticate to a central User App via API. I’ve tried several ways yesterday & today to authenticate via API using Yii2.
So my question is, how do I make the UserIdentity show the user as logged in without using ActiveRecord?
When I try and manipulate the main login function below I get an error saying that I am not passing an Identity but an array. $response is the JSON response from the API User Application.
class SSOLogin extends Model implements IdentityInterface
{
...............
public static function authenticate($username,$password)
{
$action = 'apiaccess/login';
$data = array(
'username' => $username,
'password' => $password,
);
$response = static::apiCall($action,$data);
if(!$response['authenticated'] && !$response['access']) {
//return $response['message'];
return false;
}else{
return Yii::$app->user->login($response, 3600 * 24 * 30);
}
}
...............
}
The problem is I can’t find a way to implement the old way of creating the UserIdentity.
UsersController
.........
public function actionLogin()
{
if (Yii::app()->request->isPostRequest) {
$this->_identity=new UserIdentity($_POST['email'],$_POST['password']);
$this->_identity->authenticate();
if($this->_identity->errorCode===UserIdentity::ERROR_NONE){
$duration=$this->rememberMe ? 3600*24*30 : 0; // 30 days
Yii::app()->user->login($this->_identity,$duration);
$this->redirect(Yii::app()->homeUrl);
}else{
throw new CHttpException(400,$this->_identity->errorCode);
}
}else{
throw new CHttpException(400,'Login error!');
}
}
UserIdentity
.............
public function authenticate()
{
$action = 'apiaccess/login';
$data = array(
'username' => $this->username,
'password' => $this->password,
);
$response = SSOApi::call($action,$data);
if(!$response['authenticated'] && !$response['access'])
$this->errorCode=$response['message'];
else
{
$this->_id=$response['uid'];
$this->_email=$response['email'];
$this->errorCode=self::ERROR_NONE;
}
return !$this->errorCode;
}