* Note, you have to set {@link enableAutoLogin} to true
* Note, you have to set {@link enableAutoLogin} to true
* if you want to allow user to be authenticated based on the cookie information.
* if you want to allow user to be authenticated based on the cookie information.
*
*
* @param IUserIdentity $identity the user identity (which should already be authenticated)
* @param Identity $identity the user identity (which should already be authenticated)
* @param integer $duration number of seconds that the user can remain in logged-in status. Defaults to 0, meaning login till the user closes the browser.
* @param integer $duration number of seconds that the user can remain in logged-in status. Defaults to 0, meaning login till the user closes the browser.
* If greater than 0, cookie-based login will be used. In this case, {@link enableAutoLogin}
* If greater than 0, cookie-based login will be used. In this case, {@link enableAutoLogin}
* must be set true, otherwise an exception will be thrown.
* must be set true, otherwise an exception will be thrown.
...
@@ -109,23 +151,43 @@ class User extends Component
...
@@ -109,23 +151,43 @@ class User extends Component
@@ -346,194 +386,162 @@ class User extends Component
...
@@ -346,194 +386,162 @@ class User extends Component
* This method is used when automatic login ({@link enableAutoLogin}) is enabled.
* This method is used when automatic login ({@link enableAutoLogin}) is enabled.
* This method saves user ID, username, other identity states and a validation key to cookie.
* This method saves user ID, username, other identity states and a validation key to cookie.
* These information are used to do authentication next time when user visits the application.
* These information are used to do authentication next time when user visits the application.
* @param Identity $identity
* @param integer $duration number of seconds that the user can remain in logged-in status. Defaults to 0, meaning login till the user closes the browser.
* @param integer $duration number of seconds that the user can remain in logged-in status. Defaults to 0, meaning login till the user closes the browser.