
Untitled

a guest
Jul 10th, 2017
  1. <?
  2.  
  3. namespace common\models;
  4.  
  5. use Yii;
  6. use yii\db\ActiveRecord;
  7. use yii\web\IdentityInterface;
  8. use yii\behaviors\TimestampBehavior;
  9. use yii\base\NotSupportedException;
  10.  
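  /**
   * User model: the ActiveRecord behind the `{{%user}}` table and the identity
   * class used through yii\web\IdentityInterface.
   *
   * Security-relevant columns:
   *  - `password_hash`        written only through setPassword()
   *  - `auth_key`             "remember me" secret, checked by validateAuthKey()
   *  - `password_reset_token` random string + '_' + issue time (Unix seconds)
   *
   * rules() validates only `status` and `role`. Attributes such as `email` and
   * `username` have no validator here, so code that assigns them directly from
   * request data has to validate the values itself before calling save().
   *
   * @property integer $id
   * @property string $username
   * @property string $password_hash
   * @property string $password_reset_token
   * @property string $email
   * @property string $auth_key
   * @property integer $role
   * @property integer $status
   * @property integer $created_at
   * @property integer $updated_at
   * @property string $password write-only password
   */
  class User extends ActiveRecord implements IdentityInterface
  {
      const STATUS_DELETED = 0;
      const STATUS_ACTIVE = 10;
      const ROLE_USER = 10;

      /**
       * @inheritdoc
       */
      public static function tableName()
      {
          return '{{%user}}';
      }

      /**
       * Attaches TimestampBehavior with its default configuration.
       *
       * @inheritdoc
       */
      public function behaviors()
      {
          return [
              TimestampBehavior::className(),
          ];
      }

      /**
       * Validation rules: `status` and `role` get a default and are limited to
       * the constants declared on this class.
       *
       * NOTE(review): in Yii 2 an attribute that appears in rules() is "safe"
       * for massive assignment, so load() with request data can set `status`
       * (including STATUS_DELETED). Nothing on this page calls load() on this
       * model; keep it that way or mark the attributes unsafe.
       *
       * @inheritdoc
       */
      public function rules()
      {
          return [
              ['status', 'default', 'value' => self::STATUS_ACTIVE],
              ['status', 'in', 'range' => [self::STATUS_ACTIVE, self::STATUS_DELETED]],

              ['role', 'default', 'value' => self::ROLE_USER],
              ['role', 'in', 'range' => [self::ROLE_USER]],
          ];
      }

      /**
       * Looks up an active user by primary key; non-active rows are never
       * returned, so a deleted account cannot be resolved as an identity.
       *
       * @inheritdoc
       */
      public static function findIdentity($id)
      {
          return static::findOne(['id' => $id, 'status' => self::STATUS_ACTIVE]);
      }

      /**
       * Token-based authentication is deliberately unsupported.
       *
       * @inheritdoc
       * @throws NotSupportedException always
       */
      public static function findIdentityByAccessToken($token, $type = null)
      {
          throw new NotSupportedException('"findIdentityByAccessToken" is not implemented.');
      }

      /**
       * Finds an active user by username
       *
       * @param string $username
       * @return static|null
       */
      public static function findByUsername($username)
      {
          return static::findOne(['username' => $username, 'status' => self::STATUS_ACTIVE]);
      }

      /**
       * Finds an active user by password reset token
       *
       * The expiry check runs first on the caller-supplied string; the database
       * match on the full token is what actually authenticates it.
       *
       * @param string $token password reset token
       * @return static|null null when the token is expired, malformed or unknown
       */
      public static function findByPasswordResetToken($token)
      {
          if (!static::isPasswordResetTokenValid($token)) {
              return null;
          }

          return static::findOne([
              'password_reset_token' => $token,
              'status' => self::STATUS_ACTIVE,
          ]);
      }

      /**
       * Finds out if password reset token is still within its lifetime
       *
       * This is a freshness check only: it reads the timestamp embedded in the
       * token and compares it with the `user.passwordResetTokenExpire` param.
       * It does not prove the token was ever issued.
       *
       * @param string $token password reset token
       * @return boolean
       */
      public static function isPasswordResetTokenValid($token)
      {
          // Request parameters can arrive as arrays; explode() needs a string.
          if (!is_string($token) || empty($token)) {
              return false;
          }
          $expire = Yii::$app->params['user.passwordResetTokenExpire'];
          // Only the last '_'-separated segment is read as the issue time.
          $parts = explode('_', $token);
          $timestamp = (int) end($parts);
          return $timestamp + $expire >= time();
      }

      /**
       * @inheritdoc
       */
      public function getId()
      {
          return $this->getPrimaryKey();
      }

      /**
       * @inheritdoc
       */
      public function getAuthKey()
      {
          return $this->auth_key;
      }

      /**
       * Checks a presented "remember me" key against the stored one.
       *
       * The comparison goes through the security component's compareString()
       * so that its duration does not depend on how many leading characters
       * match. A missing or empty stored key never validates, which also stops
       * null from matching null.
       *
       * @inheritdoc
       */
      public function validateAuthKey($authKey)
      {
          $stored = $this->getAuthKey();
          if (!is_string($stored) || $stored === '' || !is_string($authKey)) {
              return false;
          }

          return Yii::$app->security->compareString($stored, $authKey);
      }

      /**
       * Validates password
       *
       * @param string $password password to validate
       * @return boolean if password provided is valid for current user
       */
      public function validatePassword($password)
      {
          return Yii::$app->security->validatePassword($password, $this->password_hash);
      }

      /**
       * Generates password hash from password and sets it to the model.
       * The plain password is not stored; the caller still has to save().
       *
       * @param string $password
       */
      public function setPassword($password)
      {
          $this->password_hash = Yii::$app->security->generatePasswordHash($password);
      }

      /**
       * Generates "remember me" authentication key
       */
      public function generateAuthKey()
      {
          $this->auth_key = Yii::$app->security->generateRandomString();
      }

      /**
       * Generates new password reset token: random string, '_', current time.
       * isPasswordResetTokenValid() relies on this layout.
       */
      public function generatePasswordResetToken()
      {
          $this->password_reset_token = Yii::$app->security->generateRandomString() . '_' . time();
      }

      /**
       * Removes password reset token
       */
      public function removePasswordResetToken()
      {
          $this->password_reset_token = null;
      }

      /******** SPEED ********/

      /**
       * Populates a record by calling BaseActiveRecord::populateRecord()
       * directly, skipping whatever yii\db\ActiveRecord::populateRecord() does
       * on top of it.
       *
       * NOTE(review): in stock Yii 2 the skipped step is the schema-based
       * typecasting of column values, so `id`, `status` and `role` are expected
       * to keep the type the DB driver returned (typically string). Confirm
       * that no caller compares them strictly against the integer constants.
       *
       * @inheritdoc
       */
      public static function populateRecord($record, $row)
      {
          \yii\db\BaseActiveRecord::populateRecord($record, $row);
      }
  }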
  203.  
  204.  
  205. ------------------------------------------------------------------------------
  206. Site Controller
  207.  
  /**
   * Access-control and HTTP-verb filters for this controller.
   *
   * 'auth', 'login' and 'error' are allowed for everyone; 'info', 'logout',
   * 'profile', 'search' and 'preview-styles' require an authenticated user
   * ('@'). No other action is matched by an allow rule.
   *
   * @inheritdoc
   */
  public function behaviors()
  {
      // Reachable without a session.
      $publicRule = [
          'actions' => ['auth','login', 'error'],
          'allow' => true,
      ];

      // Reachable only when signed in.
      $memberRule = [
          'actions' => ['info','logout','profile','search','preview-styles'],
          'allow' => true,
          'roles' => ['@'],
      ];

      $accessFilter = [
          'class' => AccessControl::className(),
          'rules' => [$publicRule, $memberRule],
      ];

      $verbFilter = [
          'class' => VerbFilter::className(),
          'actions' => [
              // NOTE(review): the POST-only restriction for logout is disabled
              // below, so logout is reachable with a plain GET and any
              // cross-site link or image can end the user's session.
              // Re-enable it once the logout link is a POST form.
              // 'logout' => ['post'],
          ],
      ];

      return [
          'access' => $accessFilter,
          'verbs' => $verbFilter,
      ];
  }
  236.  
  237.  
  238. ----------------------------------------
  239.  
  240.  
  /**
   * Login
   *
   * Signed-in users are sent home. Otherwise the posted data is loaded into a
   * LoginForm; on a successful login the user is sent back, and in every other
   * case the login view is rendered in the 'login' layout.
   */
  public function actionLogin()
  {
      $alreadySignedIn = !Yii::$app->user->isGuest;
      if ($alreadySignedIn) {
          return $this->goHome();
      }

      $model = new LoginForm();
      $submitted = $model->load(Yii::$app->request->post());

      // login() is attempted only when the form actually received data.
      if ($submitted && $model->login()) {
          return $this->goBack();
      }

      $this->layout = 'login';

      return $this->render('login', ['model' => $model]);
  }
  263.  
  /**
   * Logout
   *
   * Ends the current user's session and redirects to the home page. The action
   * itself does not check the request method.
   */
  public function actionLogout()
  {
      $webUser = Yii::$app->user;
      $webUser->logout();

      return $this->goHome();
  }
  272.  
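  /**
   * Profile
   *
   * Renders the profile page, or, when the form was submitted with 'update',
   * changes the signed-in user's e-mail and (optionally) password.
   *
   * A password change is attempted only when 'oldPassword' is non-empty: the
   * old password must validate, and 'newPassword' must be a non-empty string
   * identical to 'confirmPassword'. The e-mail must be a syntactically valid
   * address. Every outcome is reported through the 'alert' / 'alert-type'
   * flash messages followed by a redirect back to the profile page.
   *
   * NOTE(review): the e-mail is changed without re-checking the current
   * password. If password-reset mail goes to this address, consider requiring
   * 'oldPassword' for e-mail changes as well.
   */
  public function actionProfile()
  {
      if (!isset($_POST['update'])) {
          return $this->render('profile');
      }

      $request = Yii::$app->request;
      $session = Yii::$app->session;

      $user = User::findIdentity(Yii::$app->user->identity->id);
      if ($user === null) {
          // The account stopped being active between authentication and this
          // lookup; there is nothing to update.
          return $this->goHome();
      }

      $oldPassword = $request->post('oldPassword');
      if (!empty($oldPassword)) {
          // Request fields can be arrays; only a string can be a password.
          if (!is_string($oldPassword) || !$user->validatePassword($oldPassword)) {
              $session->setFlash('alert', 'The password you entered is incorrect.');
              $session->setFlash('alert-type', 'alert-danger');
              return $this->redirect(['profile']);
          }

          $newPassword = $request->post('newPassword');
          $confirmPassword = $request->post('confirmPassword');

          if (!is_string($newPassword) || $newPassword === '') {
              // Two missing fields compare equal, which would otherwise store
              // the hash of an empty password.
              $session->setFlash('alert', 'New Password cannot be empty.');
              $session->setFlash('alert-type', 'alert-danger');
              return $this->redirect(['profile']);
          }

          // Strict comparison: with == numeric-looking strings such as
          // "1e3" and "1000" are treated as equal.
          if ($newPassword !== $confirmPassword) {
              $session->setFlash('alert', 'New Password does not match the confirm password.');
              $session->setFlash('alert-type', 'alert-danger');
              return $this->redirect(['profile']);
          }

          $user->setPassword($newPassword);
          // NOTE(review): consider calling $user->generateAuthKey() here so
          // "remember me" cookies issued before the change stop validating.
      }

      // User::rules() has no validator for email, so check it here.
      $email = $request->post('email');
      if (!is_string($email) || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
          $session->setFlash('alert', 'Please enter a valid email address.');
          $session->setFlash('alert-type', 'alert-danger');
          return $this->redirect(['profile']);
      }

      $user->email = $email;

      // save() returns false when validation or the write fails; do not
      // report success in that case.
      if (!$user->save()) {
          $session->setFlash('alert', 'Profile could not be updated.');
          $session->setFlash('alert-type', 'alert-danger');
          return $this->redirect(['profile']);
      }

      $session->setFlash('alert', 'Profile is updated successfully.');
      $session->setFlash('alert-type', 'alert-info');
      return $this->redirect(['profile']);
  }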
  315.  
  316. -------------------------------------------
  317.  
  318. Ship Controller
  319.  
  /**
   * Access-control and HTTP-verb filters for this controller.
   *
   * The single access rule has an empty 'actions' list and the '@' role; in
   * Yii 2 an empty list means the rule applies to every action, so the whole
   * controller requires an authenticated user. 'delete' accepts POST only.
   *
   * @inheritdoc
   */
  public function behaviors()
  {
      // Applies to all actions because the list is empty.
      $authenticatedOnly = [
          'actions' => [],
          'allow' => true,
          'roles' => ['@'],
      ];

      $accessFilter = [
          'class' => AccessControl::className(),
          'rules' => [$authenticatedOnly],
      ];

      // State-changing delete must not be reachable through a GET link.
      $verbFilter = [
          'class' => VerbFilter::className(),
          'actions' => [
              'delete' => ['post'],
          ],
      ];

      return [
          'access' => $accessFilter,
          'verbs' => $verbFilter,
      ];
  }