I would like to log a user in automatically after successful registration, so I have this piece of code to do it:
The page at /home has a widget that uses Yii::app()->user->name, but after redirecting, the user name is not available.
I can log the user in manually and the data is there with no issue.
Have I missed a step in my auto login code?
Thanks
It seems fine to me. Do you mean Yii::app()->user->name is not set?
In the widget:
The 'if' condition evaluates to isGuest = true, even after logging the user in, so the code block does not run.
Did you override CUserIdentity::getId() ? I guess $identity doesn't have a valid ID value even if you call authenticate() (because your password may not be correct since it may be encoded.)
I'm using the webapp generated UserIdentity, which has getId overridden:
It's just strange that I can log them in manually since the password is the same from the form or from the DB (same salt and hashing).
When I echo Yii::app()->user->id outside of the conditional after auto login authentication, it's empty, but when I log in manually, the id shows up, so you're right, it's not getting the id, I just can't figure out why since the very same functions are being called in both cases.
It's the same and only UserIdentity class in the app.
When you do "new UserIdentity", is the password in plain text or hashed?
It's the hashed password from the database.
Wait a minute, that means I'm hashing the hashed password by calling authenticate(). How can it log in at all?
EDIT: The answer is it's not logging in, it's showing a secure page without the user having to successfully authenticate.
How are you guys ensuring a user is authenticated before displaying pages? RBAC?
All you need is a valid user ID. So you may add a new method in your UserIdentity class which will find the ID based on the given username. You can call this method and then login the identity.
Thanks qiang 