Account management for Yii including login/logout, lost password, update account, change password.
Please download using ONE of the following methods:
All requirements are automatically downloaded into the correct location when using composer. There is no need to download additional files or set paths to third party files.
Get composer:
curl http://getcomposer.org/installer | php
Install latest release OR development version:
php composer.phar require cornernote/yii-account-module:* // latest release php composer.phar require cornernote/yii-account-module:dev-master // development version
Add the vendor folder to the aliases in your yii configuration:
return array(
'aliases' => array(
'vendor' => '/path/to/vendor',
),
);
Download the latest release or
development version and move the
account folder into your protected/modules folder.
In addition the following are required:
Add AccountModule to the modules in your yii configuration.
Minimum configuration:
return array(
'modules' => array(
'account' => array(
'class' => '/path/to/vendor/cornernote/yii-account-module/account/AccountModule',
),
),
);
Full configuration:
return array(
'controllerMap' => array(
// allows you to use your own AccountController
'account' => 'application.controllers.AccountController',
),
'modules' => array(
'account' => array(
// path to the AccountModule class
'class' => '/path/to/vendor/cornernote/yii-account-module/account/AccountModule',
// The ID of the CDbConnection application component. If not set, a SQLite3
// database will be automatically created in protected/runtime/account-AccountVersion.db.
'connectionID' => 'db',
// Whether the DB tables should be created automatically if they do not exist. Defaults to true.
// If you already have the table created, it is recommended you set this property to be false to improve performance.
'autoCreateTables' => true,
// If we should allow access to the module controllers.
// Set to false if you only want to use the actions in your own controllers, the controllers will then throw a 404 error.
'useAccountAccountController' => true,
// The layout used for module controllers.
'layout' => 'account.views.layouts.column1',
// The user class to use for user storage.
'userClass' => 'AccountUser',
// The field to store the user's first name, or false to not store the first name.
'firstNameField' => 'first_name',
// The field to store the user's last name, or false to not store the last name.
'lastNameField' => 'last_name',
// The field to store the user's email address.
'emailField' => 'email',
// The field to store the user's username, or false to not store the username.
'usernameField' => 'username',
// The field to store the user's password.
'passwordField' => 'password',
// The field to store the user's timezone, or false to not store the timezone.
'timezoneField' => 'timezone',
// The field to store the user's activated status, or false to not support activation.
'activatedField' => 'activated',
// The field to store the user's activated status, or false to not support disabling.
'disabledField' => 'disabled',
// The user class to use for hybrid auth user storage.
'userHybridAuthClass' => 'AccountUserHybridAuth',
// The field to store the user's id.
'userIdField' => 'user_id',
// The field to store the provider name.
'providerField' => 'provider',
// The field to store the user's provider identifier.
'identifierField' => 'identifier',
// Set to false to send the user an email to activate their account.
'activatedAfterSignUp' => true,
// The route to use in the email when a user requests a new activation email.
'resendActivationUrl' => 'account/resendActivation',
// The UserIdentity class you use in your application.
'userIdentityClass' => 'AccountUserIdentity',
// The UserIdentity class you use in your application for hybrid auth logins.
'hybridAuthUserIdentityClass' => 'AccountHybridAuthUserIdentity',
// Default setting for Remember Me checkbox on login page.
'rememberDefault' => 0,
// How long before the Remember Me cookie expires.
'rememberDuration' => 2592000, // 30 days
// True if we should spool the emails, or false to send immediately.
'emailSpool' => true,
// The function that will send the activation email.
'emailCallbackActivate' => array('AccountEmailManager', 'sendAccountActivate'),
// The function that will send the welcome email.
'emailCallbackWelcome' => array('AccountEmailManager', 'sendAccountWelcome'),
// The function that will send the lost password email.
'emailCallbackLostPassword' => array('AccountEmailManager', 'sendAccountLostPassword'),
// If we should use reCaptcha.
'reCaptcha' => true,
// The number of login attempts before reCaptcha is used.
'reCaptchaLoginCount' => 3,
// Your public key for recaptcha.
'reCaptchaPublicKey' => '',
// Your private key for recaptcha.
'reCaptchaPrivateKey' => '',
// The server to use for recaptcha requests.
'reCaptchaServer' => 'http://www.google.com/recaptcha/api',
// The server to use for SSL recaptcha requests.
'reCaptchaSecureServer' => 'https://www.google.com/recaptcha/api',
// The server to use to verify recaptcha responses.
'reCaptchaVerifyServer' => 'www.google.com',
// Mapping from controller ID to controller configurations.
'controllerMap' => array(
'account' => 'account.controllers.AccountAccountController',
),
// Map of model info including relations and behaviors.
'modelMap' => array(),
// Refer to Hybrid_Auth docs http://hybridauth.sourceforge.net/userguide.html
'hybridAuthConfig' => array(
'base_url' => 'http://your.com/account/accountUser/hybridAuth', // url to the hybridAuth action
'providers' => array(
'google' => array(
'enabled' => true,
'name' => 'Google+',
'keys' => array(
'id' => '',
'secret' => '',
),
'scope' => '',
),
'facebook' => array(
'enabled' => true,
'name' => 'Facebook',
'keys' => array(
'id' => '',
'secret' => '',
),
'scope' => 'email,publish_stream',
'display' => '',
),
'twitter' => array(
'enabled' => true,
'name' => 'Twitter',
'keys' => array(
'key' => '',
'secret' => '',
),
),
'linkedin' => array(
'enabled' => true,
'name' => 'LinkedIn',
'keys' => array(
'key' => '',
'secret' => '',
),
),
'yahoo' => array(
'enabled' => true,
'name' => 'Yahoo!',
),
'openid' => array(
'enabled' => true,
'name' => 'OpenID',
),
),
),
// The path to YiiStrap.
// Only required if you do not want YiiStrap in your app config, for example, if you are running YiiBooster.
// Only required if you did not install using composer.
// Please note:
// - You must download YiiStrap even if you are using YiiBooster in your app.
// - When using this setting YiiStrap will only loaded in the menu interface (eg: index.php?r=menu).
'yiiStrapPath' => '/path/to/vendor/crisu83/yiistrap',
),
),
);
Add to your config/main.php
return array(
'components' => array(
'user' => array(
// your WebUser class
'class' => 'CWebUser',
// true to allow "Remember Me"
'allowAutoLogin' => true,
// the route to the login action (should start with a / to ensure it does not route to a module)
'loginUrl' => array('member/login'),
// attach the behavior for access to Yii::app()->user->getUser(),
// Yii::app()->user->addFlash() and Yii::app()->user->multiFlash()
'behaviors' => array(
'accountWebUser' => array(
'class' => 'account.components.AccountWebUserBehavior',
),
),
),
),
);
Add the following to your layout files (eg: views/layouts/column1.php),
just before echo $content;:
echo Yii::app()->user->multiFlash();
return array(
'components' => array(
'urlManager' => array(
'urlFormat' => isset($_GET['r']) ? 'get' : 'path', // auto-detection of get/path
'showScriptName' => false,
'rules' => array(
// user account actions at base level
'<action:(login|logout|signup|lostPassword)>' => '/site/<action>',
),
),
),
);
The account module will now allow all the default functionality, however you are probably using this module because you want to have control over the routing and be able to customise the views and classes.
To fully customise the actions, you can add them into any controller in your site, for this example we will use
AccountController. You may also use something like MemberController or
SiteController. Please note that you can only use
AccountController if you defined it in the controllerMap in your config/main.php because the route will go to the Account Module.
class AccountController extends CController
{
public function filters()
{
return array(
'accessControl',
);
}
public function accessRules()
{
return array(
array('allow',
'actions' => array('index', 'updateAccount', 'password', 'logout'),
'users' => array('@'),
),
array('allow',
'actions' => array('login', 'signup', 'activate', 'lostPassword', 'resetPassword', 'resendActivation'),
'users' => array('?'),
),
array('deny', 'users' => array('*')),
);
}
public function actions()
{
return array(
'signup' => array(
'class' => 'account.actions.AccountSignUpAction',
'view' => 'account.views.account.sign_up',
'formClass' => 'AccountSignUp',
'returnUrl' => null, // defaults to returnUrl or homeUrl depending on activatedAfterSignUp setting
),
'activate' => array(
'class' => 'account.actions.AccountActivateAction',
'formClass' => 'AccountActivate',
'returnUrl' => null, // defaults to homeUrl
),
'resendActivation' => array(
'class' => 'account.actions.AccountResendActivationAction',
'view' => 'account.views.account.resend_activation',
'formClass' => 'AccountResendActivation',
),
'lostPassword' => array(
'class' => 'account.actions.AccountLostPasswordAction',
'view' => 'account.views.account.lost_password',
'formClass' => 'AccountLostPassword',
),
'resetPassword' => array(
'class' => 'account.actions.AccountResetPasswordAction',
'view' => 'account.views.account.reset_password',
'formClass' => 'AccountResetPassword',
),
'login' => array(
'class' => 'account.actions.AccountLoginAction',
'view' => 'account.views.account.login',
'formClass' => 'AccountLogin',
),
'logout' => array(
'class' => 'account.actions.AccountLogoutAction',
),
'index' => array(
'class' => 'account.actions.AccountViewAction',
'view' => 'account.views.account.index',
),
'update' => array(
'class' => 'account.actions.AccountUpdateAction',
'view' => 'account.views.account.update',
'formClass' => 'AccountUpdate',
'returnUrl' => array('/account/index'),
),
'password' => array(
'class' => 'account.actions.AccountChangePasswordAction',
'view' => 'account.views.account.change_password',
'formClass' => 'AccountChangePassword',
'returnUrl' => array('/account/index'),
),
);
}
}
You can copy modules/account/views/account/* to
views/site/*, and modify the code to suit your application.
To extend the built-in actions, simply create a class that extends one of the built-in model or action classes,
then modify to suit your requirements. Once this is done you can update your
SiteController::actions() with the new class.
BSD-3-Clause, Copyright © 2013-2014 Mr PHP
