问题
I have a user that needs to authenticate his account via an OTP. TO authenticate, he fills in his OTP and it verifies the cellphone number. Once authenticated, I want to force him to log in. I.e. So he doesn't still have to manually login. So, for this form, I basically have:
if($model->validate())
{
// Force Login
$this->redirect(array('/site/index'));
}
Using only one of his credentials (namely his cellphone number), I need to force him to login. How would I do that?
回答1:
The procedure is explained in the documentation for CWebUser:
- The user provides information needed for authentication.
- An identity instance is created with the user-provided information.
- Call IUserIdentity::authenticate to check if the identity is valid.
- If valid, call
CWebUser::loginto login the user, and Redirect the user browser toreturnUrl.
You should already have an identity class that implements IUserIdentity. Usually this is a class deriving from CUserIdentity, which takes a username and a password on construction. There is a great degree of freedom here: you can decide not to derive from CUserIdentity and use your own custom identity class that authenticates any way you wish, or you can derive from CUserIdentity and override the authenticate method to authenticate with the OTP.
The procedure would then be exactly as above:
$identity = new MyIdentity(...); // you decide what params it takes
if ($identity->authenticate()) {
$user = Yii::app()->user;
$user->login($identity);
$this->redirect($user->returnUrl);
}
来源:https://stackoverflow.com/questions/14769234/how-to-force-a-login-using-yii