I have created my own login page and am using a database for authentication (not ‘admin’ and ‘demo’ anymore); my login page will read from the ‘user’ table. In the user table there is a ‘role’ attribute which only contains ‘administrator’ or ‘super administrator’. The problem is, how can I manage the page after those 2 different roles log in? For example, administrator will go to ‘site/adminCMS’ while superadministrator will go to ‘site/superCMS’ after successful login.
Your UserIdentity class should contain a method like this (note the setState() calls):
    public function authenticate()
    {
        $user = User::model()->find('login = ?', array($this->username));
        if ($user === null) {
            $this->errorCode = self::ERROR_USERNAME_INVALID;
        } else if (!$user->validatePassword($this->password)) {
            $this->errorCode = self::ERROR_PASSWORD_INVALID;
        } else {
            // valid user and login
            $this->errorCode = self::ERROR_NONE;
            $this->_id = $user->id;
            // add all fields as persistent attributes of Yii::app()->user
            foreach ($user->attributes as $field => $value) {
                if ($field !== 'id') {
                    $this->setState($field, $value);
                }
            }
        }
        return ($this->errorCode == self::ERROR_NONE);
    }
Now if your User class has an attribute "role", your site controller should contain (note the getState() call):
    public function actionLogin()
    {
        $model = new LoginForm;
        // collect user input data
        if (isset($_POST['LoginForm'])) {
            $model->attributes = $_POST['LoginForm'];
            // validate user input and redirect to the previous page if valid
            if ($model->validate() && $model->login()) {
                if (Yii::app()->user->getState('role') == 'admin') {
                    $this->redirect('over/there');
                } else {
                    $this->redirect(Yii::app()->user->returnUrl);
                }
            }
        }
        $this->render('login', array('model' => $model));
    }
You will be able to access your user attributes everywhere with “Yii::app()->user->myattribute” or “Yii::app()->user->getState(‘myattribute’)”. IIRC, you need to use the latter for the “role” attribute.
    public function actionLogin() {
        $model = new LoginForm;
        // collect user input data
        if (isset($_POST['LoginForm'])) {
            $model->attributes = $_POST['LoginForm'];
            // validate user input and redirect to the previous page if valid
            if ($model->validate() && $model->login()) {
                if ($model->role == 'administrator') {
                    $this->redirect('site/adminCMS');
                } else if ($model->role == 'super administrator') {
                    $this->redirect('site/superCMS');
                } else {
                    $this->redirect(Yii::app()->user->returnUrl);
                }
            }
        }
        $this->render('login', array('model' => $model));
    }
As I wrote, this will make the useful info (mainly the value of "role") available on every page of the application (through a PHP session).
Your solution is wrong. Here the model is "LoginForm", so you are trying to read the "role" attribute of this form. But the form does not (and should not) contain this.
What you probably wanted to do was:
if (User::model()->findByPk(Yii::app()->user->id)->role === 'admin') {
This is much heavier than the solution I suggested. It also has 2 drawbacks: it makes an unnecessary DB query, and does not provide the "role" data on other pages (which would probably be handy).
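An added example, not code from any poster in this thread: a stricter variant of the setState()/getState() approach that copies only an allowlist of user columns into session state (the loop over `$user->attributes` would also persist whichever column holds the password hash) and picks the post-login route from a fixed role map. The role values and routes are the ones given in the question; the helper names, the `SESSION_FIELDS` list, the `password` column name and the sample row are assumptions made for illustration, and PHP 5.6+ is assumed for array constants.

```php
<?php
// Hypothetical helpers for illustration; only setState(), getState() and
// redirect() mentioned in the comments below come from the thread.

// User columns allowed into session state ('login' and 'role' appear in the thread).
const SESSION_FIELDS = array('login', 'role');

// Role value stored in the 'user' table => landing route, as given in the question.
const ROLE_ROUTES = array(
    'administrator'       => 'site/adminCMS',
    'super administrator' => 'site/superCMS',
);

// Keep only allowlisted columns; password hashes and any other column stay out.
function sessionStateFor(array $attributes)
{
    return array_intersect_key($attributes, array_flip(SESSION_FIELDS));
}

// Exact-match lookup: a null, unknown or differently-cased role gets the fallback.
function landingRouteFor($role, $fallback)
{
    if (is_string($role) && array_key_exists($role, ROLE_ROUTES)) {
        return ROLE_ROUTES[$role];
    }
    return $fallback;
}

// Constructed sample row standing in for $user->attributes.
$row = array(
    'id'       => 7,
    'login'    => 'alice',
    'password' => '$2y$10$constructed-sample-hash',
    'role'     => 'super administrator',
);

// In UserIdentity::authenticate() this would replace the loop over all fields:
//     foreach (sessionStateFor($user->attributes) as $k => $v) { $this->setState($k, $v); }
$state = sessionStateFor($row);
var_dump($state);

// In actionLogin(), after $model->login() succeeds:
//     $this->redirect(landingRouteFor(Yii::app()->user->getState('role'),
//                                     Yii::app()->user->returnUrl));
echo landingRouteFor($state['role'], '/'), "\n";
echo landingRouteFor('Super Administrator', '/'), "\n";
echo landingRouteFor(null, '/'), "\n";
```

The redirect only chooses where a user lands after login; the adminCMS and superCMS actions still need their own role check on every request, since the URLs can be requested directly.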