Been away for a while, but now I have a problem that I am unable to solve.
I have my app authentication set up following this tutorial: http://www.yiiframework.com/wiki/65/how-to-setup-rbac-with-a-php-file/. It worked fine for me for some time, at least I thought so. But now I’ve moved my app to another server and the problems began to show. Here is the problem:
When I logged in for the first time on the new server, my rights were OK (I could see the whole MbMenu).
I logged out, still everything OK.
I log back in and all I can see in the MbMenu is logout.
I’ve been searching for a while and I figured out that on the old server the data in the auth.php file is not being deleted?! And the data on the new server is being deleted. The problem is that the file has the same privileges and rights on both servers, and the Yii requirements test gives me the same result. It is correct that user authentication gets deleted after the user logs out. But I would like to know how to tell the app to accept the privileges and authentication without needing to refresh the app a few times.
I think you misunderstood me. The file is OK. Just the user authentication gets deleted. And as far as I understand it, that is the right workflow. I just do not understand why the application is not refreshing itself when new authentication settings are "confirmed".
//SiteController.php
public function actionLogin()
{
    $model=new LoginForm;
    // if it is ajax validation request
    if(isset($_POST['ajax']) && $_POST['ajax']==='login-form')
    {
        echo CActiveForm::validate($model);
        Yii::app()->end();
    }
    // collect user input data
    if(isset($_POST['LoginForm']))
    {
        $model->attributes=$_POST['LoginForm'];
        // validate user input and redirect to the previous page if valid
        if($model->validate() && $model->login())
        {
            $auth=Yii::app()->authManager; //initializes the authManager
            // redirect only after a successful login
            $this->redirect(Yii::app()->user->returnUrl);
        }
    }
    // display the login form
    $this->render('login',array('model'=>$model));
}

/**
 * Logs out the current user and redirect to homepage.
 */
public function actionLogout()
{
    $assigned_roles = Yii::app()->authManager->getRoles(Yii::app()->user->id); //obtains all assigned roles for this user id
    if(!empty($assigned_roles)) //checks that there are assigned roles
    {
        $auth=Yii::app()->authManager; //initializes the authManager
        foreach($assigned_roles as $n=>$role)
        {
            if($auth->revoke($n,Yii::app()->user->id)) //remove each assigned role for this user
                Yii::app()->authManager->save(); //again always save the result
        }
    }
    Yii::app()->user->logout();
    $this->redirect(Yii::app()->homeUrl);
}
As I see here, when logout is made, authManager revokes the user's privileges and saves them into the file. Or am I understanding that wrong?
I guess nobody else is using this way of authentication, but still I would appreciate any help.
I have tried to find out if any settings are different between the two servers, and now an odd thing has happened. On my development virtual machine the same problem occurred as on the new server. I get the right privileges when I press F5 once or twice. I’ve tried to remake auth.php from auth.txt, but the error stays.
Overall I’m still swimming in the dark, so any replies would be more than appreciated.
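
The actionLogout posted above revokes roles by user id in one shared file, so the change applies to every session of that account, not only the one logging out. An added example (not code from the post or from Yii) that models this with a hypothetical `FileAuthStore` class, a JSON temp file standing in for auth.php, and constructed sample values; it assumes PHP 8:

```php
<?php
// Added example: minimal stand-in for a file-backed assignment store.
// FileAuthStore and its methods are hypothetical, not Yii's CPhpAuthManager.
final class FileAuthStore
{
    private array $assignments = [];

    public function __construct(private string $path)
    {
        // Like a PHP-file auth manager, state is read once per request.
        if (is_file($path)) {
            $this->assignments = json_decode(file_get_contents($path), true) ?: [];
        }
    }

    public function assign(string $role, int $userId): void
    {
        $this->assignments[$userId][$role] = true;
    }

    public function revokeAll(int $userId): void
    {
        unset($this->assignments[$userId]);
    }

    public function isAssigned(string $role, int $userId): bool
    {
        return isset($this->assignments[$userId][$role]);
    }

    public function save(): void
    {
        // LOCK_EX stops two requests from interleaving their writes.
        file_put_contents($this->path, json_encode($this->assignments), LOCK_EX);
    }
}

$file = tempnam(sys_get_temp_dir(), 'auth');   // constructed sample store
$userId = 7;                                   // constructed sample user id

// Request 1: login in browser A assigns the role and persists it.
$a = new FileAuthStore($file); $a->assign('admin', $userId); $a->save();

// Request 2: the same account logs out in browser B, mirroring actionLogout.
$b = new FileAuthStore($file); $b->revokeAll($userId); $b->save();

// Request 3: browser A still has a valid session, but the shared file holds no role.
$a2 = new FileAuthStore($file);
var_dump($a2->isAssigned('admin', $userId));

unlink($file);
```

The reverse case follows from the same design: a session that expires without passing through logout leaves its role assignment in the file until something revokes it.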