CWebUser

Details
Description

Name	user
Class	CWebUser
Location	/home/vhosts/app-manager.eu5.org/framework/web/auth/CWebUser.php

CWebUser represents the persistent state for a Web application user.

CWebUser is used as an application component whose ID is 'user'. Therefore, at any place one can access the user state via Yii::app()->user. CWebUser should be used together with an {@link IUserIdentity identity} which implements the actual authentication algorithm. A typical authentication process using CWebUser is as follows:

The user provides information needed for authentication.
An {@link IUserIdentity identity instance} is created with the user-provided information.
Call {@link IUserIdentity::authenticate} to check if the identity is valid.
If valid, call {@link CWebUser::login} to login the user, and Redirect the user browser to {@link returnUrl}.
If not valid, retrieve the error code or message from the identity instance and display it.

The property {@link id} and {@link name} are both identifiers for the user. The former is mainly used internally (e.g. primary key), while the latter is for display purpose (e.g. username). The {@link id} property is a unique identifier for a user that is persistent during the whole user session. It can be a username, or something else, depending on the implementation of the {@link IUserIdentity identity class}. Both {@link id} and {@link name} are persistent during the user session. Besides, an identity may have additional persistent data which can be accessed by calling {@link getState}. Note, when {@link allowAutoLogin cookie-based authentication} is enabled, all these persistent data will be stored in cookie. Therefore, do not store password or other sensitive data in the persistent storage. Instead, you should store them directly in session on the server side if needed.

Options

Displaying 1-10 of 13 results.

Name	Value	Description	Type
allowAutoLogin	true	Whether to enable cookie-based login. Defaults to false.	boolean
guestName	'Guest'	The name for a guest user. Defaults to 'Guest'. This is used by {@link getName} when the current user is a guest (not authenticated).	string
loginUrl	array ( '/site/login', )	The URL for login. If using array, the first element should be the route to the login action, and the rest name-value pairs are GET parameters to construct the login URL (e.g. array('/site/login')). If this property is null, a 403 HTTP exception will be raised instead. @see CController::createUrl	string\|array
identityCookie	null	The property values (in name-value pairs) used to initialize the identity cookie. Any property of {@link CHttpCookie} may be initialized. This property is effective only when {@link allowAutoLogin} is true.	array
authTimeout	null	Timeout in seconds after which user is logged out if inactive. If this property is not set, the user will be logged out after the current session expires (c.f. {@link CHttpSession::timeout}). @since 1.1.7	integer
autoRenewCookie	false	Whether to automatically renew the identity cookie each time a page is requested. Defaults to false. This property is effective only when {@link allowAutoLogin} is true. When this is false, the identity cookie will expire after the specified duration since the user is initially logged in. When this is true, the identity cookie will expire after the specified duration since the user visits the site the last time. @see allowAutoLogin @since 1.1.0	boolean
autoUpdateFlash	true	Whether to automatically update the validity of flash messages. Defaults to true, meaning flash messages will be valid only in the current and the next requests. If this is set false, you will be responsible for ensuring a flash message is deleted after usage. (This can be achieved by calling {@link getFlash} with the 3rd parameter being true). @since 1.1.7	boolean
loginRequiredAjaxResponse	null	Value that will be echoed in case that user session has expired during an ajax call. When a request is made and user session has expired, {@link loginRequired} redirects to {@link loginUrl} for login. If that happens during an ajax call, the complete HTML login page is returned as the result of that ajax call. That could be a problem if the ajax call expects the result to be a json array or a predefined string, as the login page is ignored in that case. To solve this, set this property to the desired return value. If this property is set, this value will be returned as the result of the ajax call in case that the user session has expired. @since 1.1.9 @see loginRequired	string
behaviors	array()	The behaviors that should be attached to this component. The behaviors will be attached to the component when {@link init} is called. Please refer to {@link CModel::behaviors} on how to specify the value of this property.	array
id	null	The unique identifier for the user. If null, it means the user is a guest.	mixed