diff --git a/backend/controllers/BlogController.php b/backend/controllers/BlogController.php index 1963d1b..442fd7e 100644 --- a/backend/controllers/BlogController.php +++ b/backend/controllers/BlogController.php @@ -9,24 +9,37 @@ use common\models\BlogSearch; use yii\web\Controller; use yii\web\NotFoundHttpException; use yii\filters\VerbFilter; - +use yii\filters\AccessControl; /** * BlogController implements the CRUD actions for Blog model. */ class BlogController extends Controller { - public $layout = '/admin'; /** * @inheritdoc */ public function behaviors() { return [ + 'access' => [ + 'class' => AccessControl::className(), + 'rules' => [ + [ + 'actions' => ['login', 'error'], + 'allow' => true, + ], + [ + 'actions' => ['logout', 'index'], + 'allow' => true, + 'roles' => ['@'], + ], + ], + ], 'verbs' => [ 'class' => VerbFilter::className(), 'actions' => [ - 'delete' => ['POST'], + 'logout' => ['post'], ], ], ]; diff --git a/backend/controllers/BrandController.php b/backend/controllers/BrandController.php index 84ff5f6..a148c1c 100644 --- a/backend/controllers/BrandController.php +++ b/backend/controllers/BrandController.php @@ -8,7 +8,7 @@ use common\modules\product\models\BrandSearch; use yii\web\Controller; use yii\web\NotFoundHttpException; use yii\filters\VerbFilter; - +use yii\filters\AccessControl; /** * BrandController implements the CRUD actions for Brand model. */ @@ -20,10 +20,24 @@ class BrandController extends Controller public function behaviors() { return [ + 'access' => [ + 'class' => AccessControl::className(), + 'rules' => [ + [ + 'actions' => ['login', 'error'], + 'allow' => true, + ], + [ + 'actions' => ['logout', 'index'], + 'allow' => true, + 'roles' => ['@'], + ], + ], + ], 'verbs' => [ 'class' => VerbFilter::className(), 'actions' => [ - 'delete' => ['POST'], + 'logout' => ['post'], ], ], ]; diff --git a/backend/controllers/CategoryController.php b/backend/controllers/CategoryController.php index 6844d47..4aeaa4c 100644 
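Review bot: In BlogController::behaviors() the new access rules name only `login`, `error`, `logout` and `index`, and AccessControl denies any action that no rule matches, so the controller's other CRUD actions (view, create, update, delete, defined outside this hunk) would now be refused even for signed-in users. The rules look copied from SiteController; a single rule `['allow' => true, 'roles' => ['@']]` would cover every action of this controller. The same hunk replaces `'delete' => ['POST']` with `'logout' => ['post']` in the VerbFilter, which drops the POST-only guard on delete; once delete is reachable again it would accept GET, and Yii does not validate the CSRF token on GET requests, so keep `'delete' => ['POST']`. The behaviors() hunks of BrandController, CategoryController and OrdersController carry the same two problems.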
--- a/backend/controllers/CategoryController.php +++ b/backend/controllers/CategoryController.php @@ -10,7 +10,7 @@ use yii\helpers\ArrayHelper; use yii\web\Controller; use yii\web\NotFoundHttpException; use yii\filters\VerbFilter; - +use yii\filters\AccessControl; /** * CategoryController implements the CRUD actions for Category model. */ @@ -22,10 +22,24 @@ class CategoryController extends Controller public function behaviors() { return [ + 'access' => [ + 'class' => AccessControl::className(), + 'rules' => [ + [ + 'actions' => ['login', 'error'], + 'allow' => true, + ], + [ + 'actions' => ['logout', 'index'], + 'allow' => true, + 'roles' => ['@'], + ], + ], + ], 'verbs' => [ 'class' => VerbFilter::className(), 'actions' => [ - 'delete' => ['POST'], + 'logout' => ['post'], ], ], ]; diff --git a/backend/controllers/OrdersController.php b/backend/controllers/OrdersController.php index 1b57061..666f90c 100644 --- a/backend/controllers/OrdersController.php +++ b/backend/controllers/OrdersController.php @@ -8,7 +8,7 @@ use common\models\OrdersSearch; use yii\web\Controller; use yii\web\NotFoundHttpException; use yii\filters\VerbFilter; - +use yii\filters\AccessControl; /** * OrdersController implements the CRUD actions for Orders model. */ @@ -20,15 +20,28 @@ class OrdersController extends Controller public function behaviors() { return [ + 'access' => [ + 'class' => AccessControl::className(), + 'rules' => [ + [ + 'actions' => ['login', 'error'], + 'allow' => true, + ], + [ + 'actions' => ['logout', 'index'], + 'allow' => true, + 'roles' => ['@'], + ], + ], + ], 'verbs' => [ 'class' => VerbFilter::className(), 'actions' => [ - 'delete' => ['POST'], + 'logout' => ['post'], ], ], ]; } - /** * Lists all Orders models. * @return mixed diff --git a/backend/controllers/SiteController.php b/backend/controllers/SiteController.php index 90d2445..07b8283 100644 --- a/backend/controllers/SiteController.php +++ b/backend/controllers/SiteController.php 
@@ -4,7 +4,7 @@ namespace backend\controllers; use Yii; use yii\filters\AccessControl; use yii\web\Controller; -use common\models\LoginForm; +use backend\models\LoginForm; use yii\filters\VerbFilter; use common\models\Blog; /** @@ -13,7 +13,6 @@ use common\models\Blog; class SiteController extends Controller { - public $layout = '/admin'; /** * @inheritdoc diff --git a/backend/models/LoginForm.php b/backend/models/LoginForm.php new file mode 100755 index 0000000..30506c2 --- /dev/null +++ b/backend/models/LoginForm.php @@ -0,0 +1,79 @@ +hasErrors()) { + $user = $this->getUser(); + if (!$user || !$user->validatePassword($this->password)) { + $this->addError($attribute, 'Incorrect username or password.'); + } + } + } + + /** + * Logs in a user using the provided username and password. + * + * @return boolean whether the user is logged in successfully + */ + public function login() + { + if ($this->validate()) { + return Yii::$app->user->login($this->getUser(), $this->rememberMe ? 3600 * 24 * 30 : 0); + } else { + return false; + } + } + + /** + * Finds user by [[username]] + * + * @return User|null + */ + protected function getUser() + { + if ($this->_user === null) { + $this->_user = User::findByUsername($this->username); + } + + return $this->_user; + } +} diff --git a/backend/views/site/login.php b/backend/views/site/login.php index 11e8c4b..20f3f78 100644 --- a/backend/views/site/login.php +++ b/backend/views/site/login.php @@ -19,7 +19,7 @@ $this->params['breadcrumbs'][] = $this->title;
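Review bot: In backend/models/LoginForm.php, `login()` keeps the identity cookie for `3600 * 24 * 30` seconds when rememberMe is set, which is a long lifetime for an admin panel; a browser profile that is stolen or left behind stays signed in for a month. Consider passing `0` for the backend, or a named constant with a much shorter duration. Also, as far as the visible part shows, `getUser()` accepts whatever `User::findByUsername()` returns and the controllers only require `'roles' => ['@']`, so if this User model is shared with the storefront any account could sign in to the backend; it is worth confirming that a role or status check exists (the top of the file, including the imports and rules(), is not legible here).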
'login-form']); ?> - field($model, 'email')->textInput(['autofocus' => true]) ?> + field($model, 'username')->textInput(['autofocus' => true]) ?> field($model, 'password')->passwordInput() ?> -- libgit2 0.21.4