Yii2:使用确切原因自定义登录失败消息
Yii2: Customize login failure message with exact reason
我想在 Yii2 中自定义登录失败消息。
现在,当我输入错误的 username 或错误的 password 时,它会显示相同的消息。
现在我在 user table 中有一栏,即 is_verified
如果验证了用户电子邮件,那么我将此字段的值设置为 1 else 0
如果用户注册但未验证他的电子邮件 is_verified=0
的值
现在,如果用户想要登录,则显示 Incorrect username or password.
但我想告诉用户,他的电子邮件未经过验证。
在LoginForm.php中一个函数validatePassword将通过这个错误
public function validatePassword($attribute, $params) {
if (!$this->hasErrors()) {
$user = $this->getUser();
if (!$user || !$user->validatePassword($this->password)) {
$this->addError($attribute, 'Incorrect username or password.');
}
}
}
请帮忙解决这个问题,或者告诉我如何覆盖默认登录功能
我正在使用 yii2-basic-app
还有一件事 $user = $this->getUser(); 这将 return 只有那些 status=10
默认情况下,我设置用户 status=0 直到他不验证他的电子邮件
想做什么:
if(username not exist in db){
echo "username not found in db";
}elseif(password not valid){
echo "password not valid";
}elseif(is_verified=0){
echo "email not verified";
}elseif(status = 0){
echo "account is deactive";
}
代码来自 app\models\User.php
/**
* @inheritdoc
*/
public static function findIdentity($id) {
return static::findOne(['id' => $id, 'status' => self::STATUS_ACTIVE]);
}
/**
* @inheritdoc
*/
public static function findIdentityByAccessToken($token, $type = null) {
throw new NotSupportedException('"findIdentityByAccessToken" is not implemented.');
}
/**
* Finds user by username
*
* @param string $username
* @return static|null
*/
public static function findByUsername($username) {
return static::findOne(['email' => $username, 'status' => self::STATUS_ACTIVE]);
}
/**
* Finds user by password reset token
*
* @param string $token password reset token
* @return static|null
*/
public static function findByPasswordResetToken($token) {
if (!static::isPasswordResetTokenValid($token)) {
return null;
}
return static::findOne([
'password_reset_token' => $token,
'status' => self::STATUS_ACTIVE,
]);
}
/**
* Finds out if password reset token is valid
*
* @param string $token password reset token
* @return boolean
*/
public static function isPasswordResetTokenValid($token) {
if (empty($token)) {
return false;
}
$expire = Yii::$app->params['user.passwordResetTokenExpire'];
$parts = explode('_', $token);
$timestamp = (int) end($parts);
return $timestamp + $expire >= time();
}
/**
* @inheritdoc
*/
public function getId() {
return $this->getPrimaryKey();
}
/**
* @inheritdoc
*/
public function getAuthKey() {
return $this->auth_key;
}
/**
* @inheritdoc
*/
public function validateAuthKey($authKey) {
return $this->getAuthKey() === $authKey;
}
/**
* Validates password
*
* @param string $password password to validate
* @return boolean if password provided is valid for current user
*/
public function validatePassword($password) {
return Yii::$app->security->validatePassword($password, $this->password_hash);
}
/**
* Generates password hash from password and sets it to the model
*
* @param string $password
*/
public function setPassword($password) {
$this->password_hash = Yii::$app->security->generatePasswordHash($password);
}
/**
* Generates "remember me" authentication key
*/
public function generateAuthKey() {
$this->auth_key = Yii::$app->security->generateRandomString();
}
/**
* Generates new password reset token
*/
public function generatePasswordResetToken() {
$this->password_reset_token = Yii::$app->security->generateRandomString() . '_' . time();
}
/**
* Removes password reset token
*/
public function removePasswordResetToken() {
$this->password_reset_token = null;
}
代码来自 app\models\LoginForm.php
/**
* Validates the password.
* This method serves as the inline validation for password.
*
* @param string $attribute the attribute currently being validated
* @param array $params the additional name-value pairs given in the rule
*/
public function validatePassword($attribute, $params) {
if (!$this->hasErrors()) {
$user = $this->getUser();
if (!$user || !$user->validatePassword($this->password)) {
$this->addError($attribute, 'Incorrect username or password.');
}
}
}
/**
* Logs in a user using the provided username and password.
*
* @return boolean whether the user is logged in successfully
*/
public function login() {
if ($this->validate()) {
return Yii::$app->user->login($this->getUser(), $this->rememberMe ? 3600 * 24 * 30 : 0);
} else {
return false;
}
}
/**
* Finds user by [[username]]
*
* @return User|null
*/
public function getUser() {
if ($this->_user === false) {
$this->_user = User::findByusername($this->username);
}
return $this->_user;
}
谢谢。
您可以分别检查条件 !$user 和 !$user->validatePassword($this->password)
public function validatePassword($attribute, $params) {
if (!$this->hasErrors()) {
$user = $this->getUser();
if (!$user |) {
$this->addError($attribute, 'Invalid username.');
return;
}
if ( !$user->validatePassword($this->password)) {
$this->addError($attribute, 'Incorrect password.');
return;
}
}
}
您可以检查用户是否以这种方式正确设置
假设您有一个用户模型 Class
$checkUser = User::find()->where('username' => $your_userName)->one();
if isset($checkUser){
if($checkUser->status = 0 ){
// User not activated
}
} else {
// user not present
}
查看您的代码,您可以检查输入的用户名是否已启用,例如:
public function login() {
if ($this->validate()) {
if ( User::find()->where(['username' => $this->username , 'status' => 0 ) {
// mean the user is not validated ..
$this->addError($attribute, 'User not validated .. ');
return false
} else {
return Yii::$app->user->login($this->getUser(), $this->rememberMe ? 3600 * 24 * 30 : 0);
}
} else {
return false;
}
}
覆盖 beforeValidate() 函数并添加您的检查。
即:
public function beforeValidate()
{
if (parent::beforeValidate()) {
$this->user = findUserByUsernameOrEmail(trim($this->username));
if ($this->user !== null && $this->user->is_verified === 0) {
$this->addError('username' , ' Email not verified....etc' );
}
}
}
据我了解,函数将:
public function validatePassword($attribute, $params) {
if (!$this->hasErrors()) {
$user = $this->getUser();
if (!$user || !$user->validatePassword($this->password)) {
$this->addError($attribute, 'Incorrect username or password.');
return false;
}
if(!$user->is_verified){
$this->addError('username', 'Email is not verified.');
return false;
}
}
}
当然,如果您从数据库获取用户,在其他情况下,您必须在 User 或 LoginForm 模型中再编写一个方法来从数据库获取电子邮件状态,使用 ActiveRecords,例如:
public function validatePassword($attribute, $params) {
if (!$this->hasErrors()) {
$user = $this->getUser();
if (!$user || !$user->validatePassword($this->password)) {
$this->addError($attribute, 'Incorrect username or password.');
return false;
}
if(!$user->getUserEmailStatus()){
$this->addError('username', 'Email is not verified.');
return false;
}
}
}
我找到了解决方案,现在它按我预期的那样工作。
所有功劳归于 @scaisEdge。
我从他的建议中得到想法。现在我发布实际有效的代码:
public function validatePassword($attribute, $params) {
if (!$this->hasErrors()) {
$user = $this->getUser();
if (!$user) {
$this->addError("username", 'Invalid username.');
return;
}
if (!$user->validatePassword($this->password)) {
$this->addError($attribute, 'Incorrect password.');
return;
}
if (User::find()->where(['email' => $this->username])->andwhere(['verified' => 0])->one()) {
$this->addError("username", 'email not varified ');
return;
}
if (User::find()->where(['username' => $this->username])->andwhere(['status' => 0])->one()) {
$this->addError($attribute, 'account is not active');
return;
}
}
}
感谢所有回答的人,感谢您为我抽出一些时间。
我发布了这个答案,以便其他人可以从中获得帮助。
我想在 Yii2 中自定义登录失败消息。
现在,当我输入错误的 username 或错误的 password 时,它会显示相同的消息。
现在我在 user table 中有一栏,即 is_verified
如果验证了用户电子邮件,那么我将此字段的值设置为 1 else 0
如果用户注册但未验证他的电子邮件 is_verified=0
现在,如果用户想要登录,则显示 Incorrect username or password.
但我想告诉用户,他的电子邮件未经过验证。
在LoginForm.php中一个函数validatePassword将通过这个错误
public function validatePassword($attribute, $params) {
if (!$this->hasErrors()) {
$user = $this->getUser();
if (!$user || !$user->validatePassword($this->password)) {
$this->addError($attribute, 'Incorrect username or password.');
}
}
}
请帮忙解决这个问题,或者告诉我如何覆盖默认登录功能
我正在使用 yii2-basic-app
还有一件事 $user = $this->getUser(); 这将 return 只有那些 status=10
默认情况下,我设置用户 status=0 直到他不验证他的电子邮件
想做什么:
if(username not exist in db){
echo "username not found in db";
}elseif(password not valid){
echo "password not valid";
}elseif(is_verified=0){
echo "email not verified";
}elseif(status = 0){
echo "account is deactive";
}
代码来自 app\models\User.php
/**
* @inheritdoc
*/
public static function findIdentity($id) {
return static::findOne(['id' => $id, 'status' => self::STATUS_ACTIVE]);
}
/**
* @inheritdoc
*/
public static function findIdentityByAccessToken($token, $type = null) {
throw new NotSupportedException('"findIdentityByAccessToken" is not implemented.');
}
/**
* Finds user by username
*
* @param string $username
* @return static|null
*/
public static function findByUsername($username) {
return static::findOne(['email' => $username, 'status' => self::STATUS_ACTIVE]);
}
/**
* Finds user by password reset token
*
* @param string $token password reset token
* @return static|null
*/
public static function findByPasswordResetToken($token) {
if (!static::isPasswordResetTokenValid($token)) {
return null;
}
return static::findOne([
'password_reset_token' => $token,
'status' => self::STATUS_ACTIVE,
]);
}
/**
* Finds out if password reset token is valid
*
* @param string $token password reset token
* @return boolean
*/
public static function isPasswordResetTokenValid($token) {
if (empty($token)) {
return false;
}
$expire = Yii::$app->params['user.passwordResetTokenExpire'];
$parts = explode('_', $token);
$timestamp = (int) end($parts);
return $timestamp + $expire >= time();
}
/**
* @inheritdoc
*/
public function getId() {
return $this->getPrimaryKey();
}
/**
* @inheritdoc
*/
public function getAuthKey() {
return $this->auth_key;
}
/**
* @inheritdoc
*/
public function validateAuthKey($authKey) {
return $this->getAuthKey() === $authKey;
}
/**
* Validates password
*
* @param string $password password to validate
* @return boolean if password provided is valid for current user
*/
public function validatePassword($password) {
return Yii::$app->security->validatePassword($password, $this->password_hash);
}
/**
* Generates password hash from password and sets it to the model
*
* @param string $password
*/
public function setPassword($password) {
$this->password_hash = Yii::$app->security->generatePasswordHash($password);
}
/**
* Generates "remember me" authentication key
*/
public function generateAuthKey() {
$this->auth_key = Yii::$app->security->generateRandomString();
}
/**
* Generates new password reset token
*/
public function generatePasswordResetToken() {
$this->password_reset_token = Yii::$app->security->generateRandomString() . '_' . time();
}
/**
* Removes password reset token
*/
public function removePasswordResetToken() {
$this->password_reset_token = null;
}
代码来自 app\models\LoginForm.php
/**
* Validates the password.
* This method serves as the inline validation for password.
*
* @param string $attribute the attribute currently being validated
* @param array $params the additional name-value pairs given in the rule
*/
public function validatePassword($attribute, $params) {
if (!$this->hasErrors()) {
$user = $this->getUser();
if (!$user || !$user->validatePassword($this->password)) {
$this->addError($attribute, 'Incorrect username or password.');
}
}
}
/**
* Logs in a user using the provided username and password.
*
* @return boolean whether the user is logged in successfully
*/
public function login() {
if ($this->validate()) {
return Yii::$app->user->login($this->getUser(), $this->rememberMe ? 3600 * 24 * 30 : 0);
} else {
return false;
}
}
/**
* Finds user by [[username]]
*
* @return User|null
*/
public function getUser() {
if ($this->_user === false) {
$this->_user = User::findByusername($this->username);
}
return $this->_user;
}
谢谢。
您可以分别检查条件 !$user 和 !$user->validatePassword($this->password)
public function validatePassword($attribute, $params) {
if (!$this->hasErrors()) {
$user = $this->getUser();
if (!$user |) {
$this->addError($attribute, 'Invalid username.');
return;
}
if ( !$user->validatePassword($this->password)) {
$this->addError($attribute, 'Incorrect password.');
return;
}
}
}
您可以检查用户是否以这种方式正确设置
假设您有一个用户模型 Class
$checkUser = User::find()->where('username' => $your_userName)->one();
if isset($checkUser){
if($checkUser->status = 0 ){
// User not activated
}
} else {
// user not present
}
查看您的代码,您可以检查输入的用户名是否已启用,例如:
public function login() {
if ($this->validate()) {
if ( User::find()->where(['username' => $this->username , 'status' => 0 ) {
// mean the user is not validated ..
$this->addError($attribute, 'User not validated .. ');
return false
} else {
return Yii::$app->user->login($this->getUser(), $this->rememberMe ? 3600 * 24 * 30 : 0);
}
} else {
return false;
}
}
覆盖 beforeValidate() 函数并添加您的检查。
即:
public function beforeValidate()
{
if (parent::beforeValidate()) {
$this->user = findUserByUsernameOrEmail(trim($this->username));
if ($this->user !== null && $this->user->is_verified === 0) {
$this->addError('username' , ' Email not verified....etc' );
}
}
}
据我了解,函数将:
public function validatePassword($attribute, $params) {
if (!$this->hasErrors()) {
$user = $this->getUser();
if (!$user || !$user->validatePassword($this->password)) {
$this->addError($attribute, 'Incorrect username or password.');
return false;
}
if(!$user->is_verified){
$this->addError('username', 'Email is not verified.');
return false;
}
}
}
当然,如果您从数据库获取用户,在其他情况下,您必须在 User 或 LoginForm 模型中再编写一个方法来从数据库获取电子邮件状态,使用 ActiveRecords,例如:
public function validatePassword($attribute, $params) {
if (!$this->hasErrors()) {
$user = $this->getUser();
if (!$user || !$user->validatePassword($this->password)) {
$this->addError($attribute, 'Incorrect username or password.');
return false;
}
if(!$user->getUserEmailStatus()){
$this->addError('username', 'Email is not verified.');
return false;
}
}
}
我找到了解决方案,现在它按我预期的那样工作。
所有功劳归于 @scaisEdge。
我从他的建议中得到想法。现在我发布实际有效的代码:
public function validatePassword($attribute, $params) {
if (!$this->hasErrors()) {
$user = $this->getUser();
if (!$user) {
$this->addError("username", 'Invalid username.');
return;
}
if (!$user->validatePassword($this->password)) {
$this->addError($attribute, 'Incorrect password.');
return;
}
if (User::find()->where(['email' => $this->username])->andwhere(['verified' => 0])->one()) {
$this->addError("username", 'email not varified ');
return;
}
if (User::find()->where(['username' => $this->username])->andwhere(['status' => 0])->one()) {
$this->addError($attribute, 'account is not active');
return;
}
}
}
感谢所有回答的人,感谢您为我抽出一些时间。
我发布了这个答案,以便其他人可以从中获得帮助。