3

是否有强制yii通过给定用户名验证用户而不咨询数据库?

我的应用程序将使用 aapi登录,直到api没有写入,我们不能使用app.

由于这个api我们没有user模型,所以在尝试使用时认证过程会破裂User::model()

public function authenticate()
{
    if (strpos($this->username,"@")) {
        $user=User::model()->findByAttributes(array('email'=>$this->username));
    } else {
        $user=User::model()->findByAttributes(array('username'=>$this->username));
    }
    if($user===null)
        if (strpos($this->username,"@")) {
            $this->errorCode=self::ERROR_EMAIL_INVALID;
        } else {
            $this->errorCode=self::ERROR_USERNAME_INVALID;
        }
    else if(Yii::app()->getModule('user')->encrypting($this->password)!==$user->password)
        $this->errorCode=self::ERROR_PASSWORD_INVALID;
    else if($user->active==0&&Yii::app()->getModule('user')->loginNotActiv==false)
        $this->errorCode=self::ERROR_STATUS_NOTACTIV;
    else if($user->active==-1)
        $this->errorCode=self::ERROR_STATUS_BAN;
    else {
        $this->_id=$user->id;
        $this->errorCode=self::ERROR_NONE;
        $user->saveState($this);
    }
    return !$this->errorCode;
}
4

1 回答 1

3

以下代码显示了UserIdentity.phpyiic 生成的默认值。它根据需要使用硬编码的用户和密码。

<?php

/**
 * UserIdentity represents the data needed to identity a user.
 * It contains the authentication method that checks if the provided
 * data can identity the user.
 */
class UserIdentity extends CUserIdentity
{
    /**
     * Authenticates a user.
     * The example implementation makes sure if the username and password
     * are both 'demo'.
     * In practical applications, this should be changed to authenticate
     * against some persistent user identity storage (e.g. database).
     * @return boolean whether authentication succeeds.
     */
    public function authenticate()
    {
        $users=array(
            // username => password
            'demo'=>'demo',
            'admin'=>'admin',
        );
        if(!isset($users[$this->username]))
            $this->errorCode=self::ERROR_USERNAME_INVALID;
        elseif($users[$this->username]!==$this->password)
            $this->errorCode=self::ERROR_PASSWORD_INVALID;
        else
            $this->errorCode=self::ERROR_NONE;
        return !$this->errorCode;
    }
}
于 2013-11-14T10:29:46.287 回答