Genesis of the initial admin and demo accounts

Yii 1.1 General Discussion
1

I have been following along the Blog Tutorial (http://www.yiiframework.com/doc/blog/1.1/en/prototype.auth) and I decided to dig and find out where the demo and admin accounts are stored.

Specifically, I noticed I can’t log into the admin account in the Blog tutorial demo. (Though I can log into the “demo” account just fine).

Not sure if I messed something up as I was playing with all the code, but it got me to think "Where is the demo and admin account located" I do not have any entries in the tbl_users table, so I know Demo/Admin are not in a database, at least a MySQL one.

I searched through the source code to see if it was hardcoded but I came up dry. I know I could just add something like this to the "authenticate()" function in my UserIdentity.php class:




if ($this->$username == 'admin' && $this->password == 'admin') {

	$this->errorCode=self::ERROR_NONE;

	return true;

}

But when I do that, although the “invalid username/password” error goes away, I don’t actually log in.

So… I know my authentication is okay. But where does Yii get the default demo/admin user accounts?

(I think knowing this will help me solve the original program—why the admin account can’t be logged into. If this assumption is incorrect, I am very open to learn!).

2

The current demo seems to use the sqlite database:

Config:




		'db'=>array(

			'connectionString' => 'sqlite:protected/data/blog.db',

			'tablePrefix' => 'tbl_',

		),

I believe that the base application generated by yiic has the auth details hard coded in the UserIdentity class.

3

Ah I see that now. I must have gotten a little confused since I expected the admin account to work too. I figured Yii looks both in the stated users table and in a hard coded section of the code.

In fact, it is hard coded here: framework\cli\views\webapp\protected\components\UserIdentity.php




		$users=array(

			// username => password

			'demo'=>'demo',

			'admin'=>'admin',

		);