Two step authentication

Hello all,

What would be the best way to approach the implementation of a two step authenthication method?

Would it be suitable to set a state on the extended CUserIdentity class and test it?

The result I am aiming at is:

  1. User inputs username and password

  2. User is taken to another page that asks for zip code and town

If only step one is verified, I would like the user to be diverted directly to Step 2 without being able to progress to other areas of the site.

If both steps requirements are satisfied, then user is considered logged in and will be taken to the relevant page.

Any help much appreciated.



You can solve this by using a combination of CWebUser::setFlash(), CWebUser::getFlash() and CWebUser::hetFlash()

Hello jayrulez. Thanks for your reply, but flash messages in that context are partly relevant, as they would only replace messages that would otherwise be shown on the view.

My question is about maintaining a state that is neither logged in nor logged out - it is something in between which would allow for the zip code/town check to happen.



Hi all,

I ended up using sessions for this and it worked as it should.


To help build up documentation resources, perhaps you could put in some details of what you did in case someone else comes along looking to do something similar?

How have you done to solve yhis issue.

I have the same issue but no solution.