Check Database Status For Login


(Aneesh) #1

For login with database username and password, want to check the account_status (active/inactive) of user for login. How it check on user login time?

if username and password is correct and status in inactive, shows error in login form. Like "account not active".

My controller is




public function actionCreate()

	{

		$model=new User;


		// Uncomment the following line if AJAX validation is needed

		// $this->performAjaxValidation($model);


		if(isset($_POST['User']))

		{

			$model->attributes=$_POST['User'];

                        $model->password=  md5($_POST['User']['password']);

			if($model->save())

				$this->redirect(array('view','id'=>$model->id));

		}


		$this->render('create',array(

			'model'=>$model,

		));

	}



User identity code




public function authenticate()

    {

        $user=User::model()->findByAttributes(array('username'=>$this->username));

        if($user===null)

            $this->errorCode=self::ERROR_USERNAME_INVALID;

        else if($user->password!==md5($this->password))

            $this->errorCode=self::ERROR_PASSWORD_INVALID;

        else

        {

            $this->_id=$user->id;

           // $this->setState('lastLoginTime', $user->lastLoginTime);

            $this->errorCode=self::ERROR_NONE;

        }

        return !$this->errorCode;

    }



In user identity, i want to check the status.


(Chellamnivas) #2

Dear Friend

I hope the following would be helpful.

UserIdentity::authenticate()




public function authenticate()

    {

        $user=User::model()->findByAttributes(array('username'=>$this->username));

        if($user===null)

            $this->errorCode=self::ERROR_USERNAME_INVALID;

        else if($user->password!==md5($this->password))

            $this->errorCode=self::ERROR_PASSWORD_INVALID;


        else if($user->account_status=="inactive")

             $this->errorCode=self::ERROR_UNKNOWN_IDENTITY;


        else

        {

            $this->_id=$user->id;

            $this->errorCode=self::ERROR_NONE;

        }

        return !$this->errorCode;

    }



LoginForm::authenticate()




public function authenticate($attribute,$params)

	{

		if(!$this->hasErrors())

		{

			$this->_identity=new UserIdentity($this->username,$this->password);

			if(!$this->_identity->authenticate())

				$this->addError('password','Incorrect username or password or account status is not active.');

		}

	}







(Aneesh) #3

Want to display error separately like 1. Username not valid 2. Password not correct 3. Account not active

I used this code in authenticate(), but it shows the error for username and password not shows the status error.




public function authenticate($attribute,$params)

	{

		if(!$this->hasErrors())

		{

			$identity=new UserIdentity($this->username,$this->password);

			$identity->authenticate();

                        switch($identity->errorCode)

			{

				case UserIdentity::ERROR_NONE:

					Yii::app()->user->login($identity);

					break;

                                

				case UserIdentity::ERROR_USERNAME_INVALID:

					$this->addError('username','Username not valid');

					break;

                                    

				case UserIdentity::ERROR_PASSWORD_INVALID:

					$this->addError('password','Password not valid');

					break;

                                    default : //UserIdentity::ERROR_STATUS_INVALID;

                                        $this->addError('status','Your Accout Not active');

                                        break;

                                   

			}


		}

	}





(Alirz23) #4

here is a much simpler solution just define a custom validator checkStatus




class UserIdentity extends CUserIdentity

{

	public $status;


	public function authenticate()

	{       

                ...

		$this->status=$user->status;

		...

	}

}





public function rules()

	{

		return array(

			// username and password are required

			array('username, password', 'required'),

			// rememberMe needs to be a boolean

			array('rememberMe', 'boolean'),

			// password needs to be authenticated

			array('password', 'authenticate'),

			array('username', 'checkStatus'),

		);

	}


	public function checkStatus($attribute,$params)

	{

		if(!$this->hasErrors())

		{

			if($this->_identity->status===USER::STATUS_INACTIVE)

				$this->addError('username', 'Account is not active.');

		}

	}




class User extend CActiveRecord

{ 

    const STATUS_INACTIVE=0;

     ....

}





(Chellamnivas) #5

Dear Friend

I hope it would serve the purpose.




public function authenticate($attribute,$params)

	{

		if(!$this->hasErrors())

		{

			$this->_identity=$identity=new UserIdentity($this->username,$this->password);

			if(!$identity->authenticate()){

			       if($identity->errorCode==1)

				   $this->addError('username','Incorrect username.');

				if($identity->errorCode==2)

				   $this->addError('password','Incorrect username.');

				if($identity->errorCode==100)

				   $this->addError('username','Your account not activated');

                             }

		}

	}



status is not the attribute of LoginForm. It is the attribute of User Model.

The following is the workaround.

Declare a virtual property atatus in LoginForm




class LoginForm extends CFormModel

{

	public $username;

	public $password;

	public $rememberMe;

        public $status; //here added the virtual property status.

	private $_identity;


	public function rules()

	{

		return array(

			array('username, password', 'required'),

			array('rememberMe', 'boolean'),

			array('password', 'authenticate'),

		);

	}


	

	


	public function authenticate($attribute,$params)

	{

		if(!$this->hasErrors())

		{

			$this->_identity=$identity=new UserIdentity($this->username,$this->password);

			if(!$identity->authenticate()){

			    if($identity->errorCode==1)

				   $this->addError('username','Incorrect username.');

				if($identity->errorCode==2)

				   $this->addError('password','Incorrect username.');

				if($identity->errorCode==100)

				   $this->addError('status','Your account not activated');//adding error to the status.

                        }

		}

	}



Then we have to add CActiveForm::error method to below the username field.

login.php





div class="row">

		<?php echo $form->labelEx($model,'username'); ?>

		<?php echo $form->textField($model,'username'); ?>

		<?php echo $form->error($model,'username'); ?>


<!-- Added the error display for property status-->

		<?php echo $form->error($model,'status'); ?>

	</div>




(Aneesh) #6

Thanks it works fine…:)


(Rohisuthar) #7

Follow this updated wiki -

Disallowing login for INACTIVE users in Yii