Commit dee0382c by Qiang Xue

Added `yii\base\InvalidValueException`.

Refactored `yii\web\User`.
parent f76dcdd9
...@@ -228,6 +228,7 @@ Yii Framework 2 Change Log ...@@ -228,6 +228,7 @@ Yii Framework 2 Change Log
- Chg: `yii\web\Request::cookieValidationKey` must be explicitly specified for each application that wants to use cookie validation (qiangxue) - Chg: `yii\web\Request::cookieValidationKey` must be explicitly specified for each application that wants to use cookie validation (qiangxue)
- New #3911: Added `yii\behaviors\SluggableBehavior` that fills the specified model attribute with the transliterated and adjusted version to use in URLs (creocoder) - New #3911: Added `yii\behaviors\SluggableBehavior` that fills the specified model attribute with the transliterated and adjusted version to use in URLs (creocoder)
- New #4193: Added `yii\filters\Cors` CORS filter to allow Cross Origin Resource Sharing (pgaultier) - New #4193: Added `yii\filters\Cors` CORS filter to allow Cross Origin Resource Sharing (pgaultier)
- New: Added `yii\base\InvalidValueException` (qiangxue)
2.0.0-beta April 13, 2014 2.0.0-beta April 13, 2014
......
<?php
/**
* @link http://www.yiiframework.com/
* @copyright Copyright (c) 2008 Yii Software LLC
* @license http://www.yiiframework.com/license/
*/
namespace yii\base;
/**
* InvalidValueException represents an exception caused by a function returning a value of unexpected type.
*
* @author Qiang Xue <qiang.xue@gmail.com>
* @since 2.0
*/
class InvalidValueException extends \UnexpectedValueException
{
/**
* @return string the user-friendly name of this exception
*/
public function getName()
{
return 'Invalid Return Value';
}
}
...@@ -10,6 +10,7 @@ namespace yii\web; ...@@ -10,6 +10,7 @@ namespace yii\web;
use Yii; use Yii;
use yii\base\Component; use yii\base\Component;
use yii\base\InvalidConfigException; use yii\base\InvalidConfigException;
use yii\base\InvalidValueException;
/** /**
* User is the class for the "user" application component that manages the user authentication status. * User is the class for the "user" application component that manages the user authentication status.
...@@ -186,11 +187,16 @@ class User extends Component ...@@ -186,11 +187,16 @@ class User extends Component
* *
* @param IdentityInterface|null $identity the identity object associated with the currently logged user. * @param IdentityInterface|null $identity the identity object associated with the currently logged user.
* If null, it means the current user will be a guest without any associated identity. * If null, it means the current user will be a guest without any associated identity.
* @throws InvalidValueException if `$identity` object does not implement [[IdentityInterface]].
*/ */
public function setIdentity($identity) public function setIdentity($identity)
{ {
$this->_identity = $identity; if ($identity instanceof IdentityInterface) {
$this->_access = []; $this->_identity = $identity;
$this->_access = [];
} else {
throw new InvalidValueException('The identity object must implement IdentityInterface.');
}
} }
/** /**
...@@ -219,7 +225,7 @@ class User extends Component ...@@ -219,7 +225,7 @@ class User extends Component
* Note that if [[enableSession]] is false, this parameter will be ignored. * Note that if [[enableSession]] is false, this parameter will be ignored.
* @return boolean whether the user is logged in * @return boolean whether the user is logged in
*/ */
public function login($identity, $duration = 0) public function login(IdentityInterface $identity, $duration = 0)
{ {
if ($this->beforeLogin($identity, false, $duration)) { if ($this->beforeLogin($identity, false, $duration)) {
$this->switchIdentity($identity, $duration); $this->switchIdentity($identity, $duration);
...@@ -274,21 +280,29 @@ class User extends Component ...@@ -274,21 +280,29 @@ class User extends Component
} }
$data = json_decode($value, true); $data = json_decode($value, true);
if (count($data) === 3 && isset($data[0], $data[1], $data[2])) { if (count($data) !== 3 || !isset($data[0], $data[1], $data[2])) {
list ($id, $authKey, $duration) = $data; return;
/* @var $class IdentityInterface */ }
$class = $this->identityClass;
$identity = $class::findIdentity($id); list ($id, $authKey, $duration) = $data;
if ($identity !== null && $identity->validateAuthKey($authKey)) { /* @var $class IdentityInterface */
if ($this->beforeLogin($identity, true, $duration)) { $class = $this->identityClass;
$this->switchIdentity($identity, $this->autoRenewCookie ? $duration : 0); $identity = $class::findIdentity($id);
$ip = Yii::$app->getRequest()->getUserIP(); if ($identity === null) {
Yii::info("User '$id' logged in from $ip via cookie.", __METHOD__); return;
$this->afterLogin($identity, true, $duration); } elseif (!$identity instanceof IdentityInterface) {
} throw new InvalidValueException("$class::findIdentity() must return an object implementing IdentityInterface.");
} elseif ($identity !== null) { }
Yii::warning("Invalid auth key attempted for user '$id': $authKey", __METHOD__);
if ($identity->validateAuthKey($authKey)) {
if ($this->beforeLogin($identity, true, $duration)) {
$this->switchIdentity($identity, $this->autoRenewCookie ? $duration : 0);
$ip = Yii::$app->getRequest()->getUserIP();
Yii::info("User '$id' logged in from $ip via cookie.", __METHOD__);
$this->afterLogin($identity, true, $duration);
} }
} else {
Yii::warning("Invalid auth key attempted for user '$id': $authKey", __METHOD__);
} }
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment