haimwd
(Haim)
1
hello,
in the yii1.1 for login on all the website pages we were using beforeAction, i saw that in the Yii2 we also have this feature but its not so elegant.
my question is is there other way to do this or still using the old trick?
thanks in advance.
flarpy
(Peter)
2
The way to do this is to use accessrules in your controller, using the built in authentication features of Yii2
http://www.yiiframework.com/doc-2.0/guide-security-authentication.html
From http://www.yiiframework.com/doc-2.0/guide-security-authorization.html
The below will force any user not logged in to the login form unless they go to "login" or "signup" actions
public function behaviors()
{
return [
'access' => [
'class' => AccessControl::className(),
'rules' => [
[
'allow' => true,
'actions' => ['login', 'signup'],
'roles' => ['?'],// ? means a guest user (not logged in)
],
[
'allow' => true,
'actions' => ['logout'],
'roles' => ['@'], // @ means a logged in user
],
],
],
];
}