Class craft\web\User
- Inheritance
- craft\web\User » yii\web\User » yii\base\Component » yii\base\BaseObject
- Implements
- yii\base\Configurable
- Available since version
- 3.0
- Source Code
- https://github.com/craftcms/cms/blob/master/src/web/User.php
The User component provides APIs for managing the user authentication status.
An instance of the User component is globally accessible in Craft via craft\base\ApplicationTrait::getUser().
| Property | Type | Description | Defined By |
|---|---|---|---|
$absoluteAuthTimeout |
integer | The number of seconds in which the user will be logged out automatically regardless of activity. | yii\web\User |
$absoluteAuthTimeoutParam |
string | The session variable name used to store the value of absolute expiration timestamp of the authenticated state. | yii\web\User |
$acceptableRedirectTypes |
array | MIME types for which this component should redirect to the $loginUrl. | yii\web\User |
$accessChecker |
yii\rbac\CheckAccessInterface | The access checker to use for checking access. | yii\web\User |
$authTimeout |
integer | The number of seconds in which the user will be logged out automatically if he remains inactive. | yii\web\User |
$authTimeoutParam |
string | The session variable name used to store the value of expiration timestamp of the authenticated state. | yii\web\User |
$autoRenewCookie |
boolean | Whether to automatically renew the identity cookie each time a page is requested. | yii\web\User |
$elevatedSessionTimeoutParam |
string | The session variable name used to store the value of the expiration timestamp of the elevated session state. | craft\web\User |
$enableAutoLogin |
boolean | Whether to enable cookie-based login. | yii\web\User |
$enableSession |
boolean | Whether to use session to persist authentication status across multiple requests. | yii\web\User |
$idParam |
string | The session variable name used to store the value of \yii\web\id. | yii\web\User |
$identityClass |
string | The class name of the \yii\web\identity object. | yii\web\User |
$identityCookie |
array | The configuration of the identity cookie. | yii\web\User |
$loginUrl |
string, array | The URL for login when loginRequired() is called. | yii\web\User |
$returnUrlParam |
string | The session variable name used to store the value of \yii\web\returnUrl. | yii\web\User |
$usernameCookie |
array | The configuration of the username cookie. | craft\web\User |
| Method | Description | Defined By |
|---|---|---|
__call() |
Calls the named method which is not a class method. | yii\base\BaseObject |
__clone() |
This method is called after the object is created by cloning an existing one. | yii\base\Component |
__construct() |
Constructor. | yii\base\BaseObject |
__get() |
Returns the value of an object property. | yii\base\BaseObject |
__isset() |
Checks if a property is set, i.e. defined and not null. | yii\base\BaseObject |
__set() |
Sets value of an object property. | yii\base\BaseObject |
__unset() |
Sets an object property to null. | yii\base\BaseObject |
attachBehavior() |
Attaches a behavior to this component. | yii\base\Component |
attachBehaviors() |
Attaches a list of behaviors to the component. | yii\base\Component |
behaviors() |
Returns a list of behaviors that this component should behave as. | yii\base\Component |
can() |
Checks if the user can perform the operation as specified by the given permission. | yii\web\User |
canGetProperty() |
Returns a value indicating whether a property can be read. | yii\base\BaseObject |
canSetProperty() |
Returns a value indicating whether a property can be set. | yii\base\BaseObject |
checkPermission() |
Returns whether the current user has a given permission. | craft\web\User |
className() |
Returns the fully qualified name of this class. | yii\base\BaseObject |
destroyDebugPreferencesInSession() |
Removes the debug preferences from the session. | craft\web\User |
detachBehavior() |
Detaches a behavior from the component. | yii\base\Component |
detachBehaviors() |
Detaches all behaviors from the component. | yii\base\Component |
ensureBehaviors() |
Makes sure that the behaviors declared in behaviors() are attached to this component. | yii\base\Component |
getBehavior() |
Returns the named behavior object. | yii\base\Component |
getBehaviors() |
Returns all behaviors attached to this component. | yii\base\Component |
getElevatedSessionTimeout() |
Returns how many seconds are left in the current elevated user session. | craft\web\User |
getHasElevatedSession() |
Returns whether the user currently has an elevated session. | craft\web\User |
getId() |
Returns a value that uniquely represents the user. | yii\web\User |
getIdentity() |
Returns the identity object associated with the currently logged-in user. | yii\web\User |
getIsAdmin() |
Returns whether the current user is an admin. | craft\web\User |
getIsGuest() |
Returns a value indicating whether the user is a guest (not authenticated). | yii\web\User |
getRemainingSessionTime() |
Returns how many seconds are left in the current user session. | craft\web\User |
getRememberedUsername() |
Returns the username of the account that the browser was last logged in as. | craft\web\User |
getReturnUrl() |
Returns the URL that the browser should be redirected to after successful login. | craft\web\User |
hasEventHandlers() |
Returns a value indicating whether there is any handler attached to the named event. | yii\base\Component |
hasMethod() |
Returns a value indicating whether a method is defined. | yii\base\BaseObject |
hasProperty() |
Returns a value indicating whether a property is defined. | yii\base\BaseObject |
init() |
Initializes the object. | yii\base\BaseObject |
login() |
Logs in a user. | yii\web\User |
loginByAccessToken() |
Logs in a user by the given access token. | yii\web\User |
loginByUserId() |
Logs in a user by their ID | craft\web\User |
loginRequired() |
Redirects the user browser to the login page. | yii\web\User |
logout() |
Logs out the current user. | yii\web\User |
off() |
Detaches an existing event handler from this component. | yii\base\Component |
on() |
Attaches an event handler to an event. | yii\base\Component |
removeReturnUrl() |
Removes the stored return URL, if there is one. | craft\web\User |
saveDebugPreferencesToSession() |
Saves the logged-in user’s Debug toolbar preferences to the session. | craft\web\User |
sendUsernameCookie() |
Sends a username cookie. | craft\web\User |
setIdentity() |
Sets the user identity object. | yii\web\User |
setReturnUrl() |
Remembers the URL in the session so that it can be retrieved back later by getReturnUrl(). | yii\web\User |
startElevatedSession() |
Starts an elevated user session for the current user. | craft\web\User |
switchIdentity() |
Switches to a new identity for the current user. | yii\web\User |
trigger() |
Triggers an event. | yii\base\Component |
| Method | Description | Defined By |
|---|---|---|
afterLogin() |
This method is called after the user is successfully logged in. | craft\web\User |
afterLogout() |
This method is invoked right after a user is logged out via logout(). | craft\web\User |
beforeLogin() |
This method is called before logging in a user. | craft\web\User |
beforeLogout() |
This method is invoked when calling logout() to log out a user. | yii\web\User |
checkRedirectAcceptable() |
Checks if the Accept header contains a content type that allows redirection to the login page. |
yii\web\User |
getAccessChecker() |
Returns the access checker used for checking access. | yii\web\User |
getAuthManager() |
Returns auth manager associated with the user component. | yii\web\User |
getIdentityAndDurationFromCookie() |
Determines if an identity cookie has a valid format and contains a valid auth key. | yii\web\User |
loginByCookie() |
Logs in a user by cookie. | yii\web\User |
regenerateCsrfToken() |
Regenerates CSRF token | yii\web\User |
removeIdentityCookie() |
Removes the identity cookie. | yii\web\User |
renewAuthStatus() |
Updates the authentication status using the information from session and cookie. | craft\web\User |
renewIdentityCookie() |
Renews the identity cookie. | craft\web\User |
sendIdentityCookie() |
Sends an identity cookie. | yii\web\User |
| Constant | Value | Description | Defined By |
|---|---|---|---|
EVENT_AFTER_LOGIN |
'afterLogin' | yii\web\User | |
EVENT_AFTER_LOGOUT |
'afterLogout' | yii\web\User | |
EVENT_BEFORE_LOGIN |
'beforeLogin' | yii\web\User | |
EVENT_BEFORE_LOGOUT |
'beforeLogout' | yii\web\User |
Property Details
$elevatedSessionTimeoutParam
public property
#
The session variable name used to store the value of the expiration timestamp of the elevated session state.
public string $elevatedSessionTimeoutParam = '__elevated_timeout'
$usernameCookie
public property
#
The configuration of the username cookie.
See also yii\web\Cookie.
public array $usernameCookie = nullMethod Details
afterLogin()
protected method
#
This method is called after the user is successfully logged in.
The default implementation will trigger the EVENT_AFTER_LOGIN event. If you override this method, make sure you call the parent implementation so that the event is triggered.
protected void afterLogin ( $identity, $cookieBased, $duration )$identity |
yii\web\IdentityInterface | The user identity information |
$cookieBased |
boolean | Whether the login is cookie-based |
$duration |
integer | Number of seconds that the user can remain in logged-in status. If 0, it means login till the user closes the browser or the session is manually destroyed. |
afterLogout()
protected method
#
This method is invoked right after a user is logged out via logout().
The default implementation will trigger the EVENT_AFTER_LOGOUT event. If you override this method, make sure you call the parent implementation so that the event is triggered.
protected void afterLogout ( $identity )$identity |
yii\web\IdentityInterface | The user identity information |
beforeLogin()
protected method
#
This method is called before logging in a user.
The default implementation will trigger the EVENT_BEFORE_LOGIN event. If you override this method, make sure you call the parent implementation so that the event is triggered.
protected boolean beforeLogin ( $identity, $cookieBased, $duration )$identity |
yii\web\IdentityInterface | The user identity information |
$cookieBased |
boolean | Whether the login is cookie-based |
$duration |
integer | Number of seconds that the user can remain in logged-in status. If 0, it means login till the user closes the browser or the session is manually destroyed. |
| return | boolean | Whether the user should continue to be logged in |
|---|
checkPermission()
public method
#
Returns whether the current user has a given permission.
public boolean checkPermission ( \craft\web\string $permissionName )$permissionName |
string | The name of the permission. |
| return | boolean | Whether the current user has the permission. |
|---|
destroyDebugPreferencesInSession()
public method
#
Removes the debug preferences from the session.
public void destroyDebugPreferencesInSession ( )
getElevatedSessionTimeout()
public method
#
Returns how many seconds are left in the current elevated user session.
public integer, boolean getElevatedSessionTimeout ( )| return | integer, boolean | The number of seconds left in the current elevated user session or false if it has been disabled. |
|---|
getHasElevatedSession()
public method
#
Returns whether the user currently has an elevated session.
public boolean getHasElevatedSession ( )| return | boolean | Whether the user currently has an elevated session |
|---|
getIsAdmin()
public method
#
Returns whether the current user is an admin.
public boolean getIsAdmin ( )| return | boolean | Whether the current user is an admin. |
|---|
getRemainingSessionTime()
public method
#
Returns how many seconds are left in the current user session.
public integer getRemainingSessionTime ( )| return | integer | The seconds left in the session, or -1 if their session will expire when their HTTP session ends. |
|---|
getRememberedUsername()
public method
#
Returns the username of the account that the browser was last logged in as.
public string, null getRememberedUsername ( )
getReturnUrl()
public method
#
Returns the URL that the browser should be redirected to after successful login.
This method reads the return URL from the session. It is usually used by the login action which may call this method to redirect the browser to where it goes after successful authentication.
public string getReturnUrl ( $defaultUrl = null )$defaultUrl |
string, array | The default return URL in case it was not set previously. If this is null and the return URL was not set previously, craft\web\Application::homeUrl will be redirected to. Please refer to setReturnUrl() on accepted format of the URL. |
| return | string | The URL that the user should be redirected to after login. |
|---|
loginByUserId()
public method
#
Logs in a user by their ID
public boolean loginByUserId ( \craft\web\int $userId, \craft\web\int $duration = 0 )$userId |
integer | The user’s ID |
$duration |
integer | The number of seconds that the user can remain in logged-in status. Defaults to 0, meaning login till the user closes the browser or the session is manually destroyed. If greater than 0 and $enableAutoLogin is true, cookie-based login will be supported. Note that if $enableSession is false, this parameter will be ignored. |
| return | boolean | Whether the user is logged in |
|---|
removeReturnUrl()
public method
#
Removes the stored return URL, if there is one.
See also getReturnUrl().
public void removeReturnUrl ( )
renewAuthStatus()
protected method
#
Updates the authentication status using the information from session and cookie.
This method will try to determine the user identity using the $idParam session variable.
If $authTimeout is set, this method will refresh the timer.
If the user identity cannot be determined by session, this method will try to login by cookie if $enableAutoLogin is true.
protected void renewAuthStatus ( )
renewIdentityCookie()
protected method
#
Renews the identity cookie.
This method will set the expiration time of the identity cookie to be the current time plus the originally specified cookie duration.
protected void renewIdentityCookie ( )
saveDebugPreferencesToSession()
public method
#
Saves the logged-in user’s Debug toolbar preferences to the session.
public void saveDebugPreferencesToSession ( )
sendUsernameCookie()
public method
#
Sends a username cookie.
This method is used after a user is logged in. It saves the logged-in user's username in a cookie, so that login forms can remember the initial Username value on login forms.
See also afterLogin().
public void sendUsernameCookie ( craft\elements\User $user )$user |
craft\elements\User |
startElevatedSession()
public method
#
Starts an elevated user session for the current user.
public boolean startElevatedSession ( \craft\web\string $password )$password |
string | The current user’s password |
| return | boolean | Whether the password was valid, and the user session has been elevated |
|---|