authentification

Yii 1.1 Tips, Snippets and Tutorials
1

Hi, I’ve posted in the bug forum but got no answer so I try here.

I notice that when a user logs in, the authenticate() method from the UserIdentity class it called two times.

I wonder if it’s normal and if it’s not the reason of some strange behaviors concerning sessions.

I don’t get why it has to be called because of the rule to validate the password.

This is the method which is called to validate the password, in fact it checks the whole identity (username+password), same as what is done in the login() method, that’s why I think it’s useless.

public function authenticate($attribute,$params)

{

$this->_identity=new UserIdentity($this->username,$this->password);

if(!$this->_identity->authenticate())

$this->addError(‘password’,‘Incorrect username or password.’);

}

Thanks.

2

@jpj

Please do not post same questions in different threads… and especially not on wrong threads… this one is for "tips, snippets and tutorials"…

If you don’t get an answer you can reply on your original question so that your message “bump” on the top…

DO NOT POST AGAIN THE SAME QUESTION - it’s useless…

but

at least wait a day or two to pass… and if you posted on weekend (or just before it)… wait a bit more… on weekends there are a bit less readers here as all we have a private life…

and in the meantime if there are no answers… read the documentations… debug the application… maybe you get the answer yourself… and if you GET IT by yourself it will be more rewarding for yourself… :D

3

Ok.

If I did that, it’s because my question is about 2 months old and has 0 answers.

In addition, it’s not specific to my application but related to the code provided within the demos applications.

4

Maybe your question wasn’t good enough? :)

I tend to skip a lot of unfinished questions - especially those where I feel that the poster hadn’t done their homework, not provided enough details, is vague, etc.

If you don’t get answer the first time around, add to it: thoughts, additional information, what have you done yourself, what works and what doesn’t.

Help people help you.

5

As I wrote before… in this case just replay to yourself on that question writing “I still have this problem” or “anyone”… It’s not useful to post the same question again…

You have only 8 post… all in 3 threads… .and all 3 thread with the same question ???

Anyway… you can just debug the code… and find why and in which case this function is called… instead of waiting that someone do that for you…you had two months to do that…

I don’t know french but here you got some answers, too - http://www.yiiframew…p?/topic/13484-

6

Maybe you haven’t even taken the time to read the post entirely, there isn’t a piece of code I’ve written, it comes with the blog demo and I don’t expect any correction, just confirmation there’s no bug.

Anyway I don’t like at all the way you respond. I don’t wait for people to do things for me, as you say nicely.

Forums are full of admins who like to say that kind of things : learn to search in the forum, question already posted, are you stupid to post two times the same question in two differents topics, and so on.

I’ll manage with the problem. See you. Or not.

7

i have read your post… but seems that you haven’t read my… I have not written that you need to change anything… I just wrote that you can debug the code… line by line… so that you find out when and why this function is called…

As you wrote above… you posted that question two month ago… in the meantime there are no other posts by you… and now you post again the same question…

So sorry if you are upset for me telling you to not post the same question again as a new post, but to replay on the original post…

but doing that you just bloat the forum and there is no use of that…

8

To answer your original question:

Yes. It’s normal. ;)

And it was a very unclear question, by the way.

IMO, it’s silly.

You put your precious question out there and wait patiently for a month.

Then come back with a vengeance.

You could simply have replied to your own post and asked if you needed to rephrase the question.

To be totally honest: I skipped answering your post because it wasn’t totally clear what you were asking.

Perhaps you could have elaborated.

And I was busy and hadn’t the time for guesswork.

Some people could have overlooked your question.

Who knows?

Just don’t sit there, do something.

And don’t take anything on-line personally.

9

Ok, I’m able to understand that if you just say it nicely, without adding I don’t even try to understand things by myself and so on, because I spent a long time doing it. Anyway, as I say in the post, I don’t even need somone to do something for me, I’ve solved something that for me was a problem. It was just to have the confirmation that there was indeed a mistake in the example code given, which could be useful to others also.

10

You mean here ? ->

http://www.yiiframework.com/doc/guide/1.1/en/topics.auth#login-and-logout

I am not sure to be honest.

Am a Yii rookie myself.

It works for me, but I am not using the authenticate validation rule in my model currently.

11

In fact, if Ajax is activated in the form view (‘enableAjaxValidation’=>true,), then, the rule for the password that calls authenticate() does the authentication, I was surprised because I’d have expected it doing rather only a check on the format :

// models\forms\LoginForm.php

public function rules()

{


	return array(


		// username and password are required


		array('username, password', 'required'),


		// rememberMe needs to be a boolean


		array('rememberMe', 'boolean'),


		// password needs to be authenticated


		array('password', 'authenticate'),


	);


}

public function authenticate($attribute,$params)

{


	$this->_identity=new UserIdentity($this->username,$this->password);


	if(!$this->_identity->authenticate())


		$this->addError('password','Incorrect username or password.');


}

Then, when really submitting the form, this method is called.

The test if($this->_identity===null), is here do the same thing as what is done by the rule, if identity is not set yet.

public function login()

{


	if($this->_identity===null)


	{


		$this->_identity=new UserIdentity($this->username,$this->password);


		$this->_identity->authenticate();


	}


	if($this->_identity->errorCode===UserIdentity::ERROR_NONE)


	{


		$duration=$this->rememberMe ? 3600*24*30 : 0; // 30 days


		Yii::app()->user->login($this->_identity,$duration);


		return true;


	}


	else


		return false;


}

For me, it was just strange to process authentication in a validation rule.