Using sessions from external app to authenticate users

Hi all

First of all, let me thank you for this amazing framework. I’m still learning Yii but I’m finding it very friendly, useful and FAST !! :D

I’ve been trying to integrate PHPBB sessions into Yii framework, and I’ve been able to go half way. Meaning that, I can retrieve the session from phpbb and authenticate the user by extendending CWebUser and overriding the restoreFromCookie() method.

The problem is that I don’t want Yii to store a cookie and then authenticate the user from its own cookie and session parameters, I’d like that for every page load, to check the phpbb sessions and evaluate if the user is authenticated or not.

How can I accomplish this ? Any hint ?



I don’t know how PHPBB stores it’s sessions. But you seem to know, so you can override CWebUser::getIsGuest() in your custom webuser component:

public function getIsGuest()


    return Yii::app()->session->get('php_bbs_name_of_session_auth_param')!=='php_bbs_successful_auth_value';


Hi Mike

Well, I’ve managed to do it, but I don’t know if I did it the right way.

Basically I extended CWebUser and overridden init method, since I have to check for every page load if the user is valid, thus relying solely on sessions maintained by phpbb (not yii session handling).

I had also to override a few other methods, for instance, getIsGuest and also set the state isAdmin to provide access control.

I’m not sure if this is the right way or not, but it works… Although I had a model named user (to manage user) which I had to rename, because if wasn’t working (missing methods and properties)…

I just don’t know what to expect from now on…

As a brief comment: I find this Yii framework to be very well put up together, but sometimes it’s quite hard to find information on how to do certain things, mainly on this topic of session handling.

Thanks :D