class User extends \yii\base\Object implements \yii\web\IdentityInterface
{
// Identity fields; findUsername() fills them by passing one self::$users entry to the constructor.
public $id;
public $username;
// The plain-text password property is disabled; only $passwordHash is kept.
//public $password; // Remove plain password support
public $authKey;
public $accessToken;
public $passwordHash; // Use password hash. Generated like... password_hash("User'sPassword", PASSWORD_DEFAULT);
// Hard-coded demo accounts, keyed by the user id as a string.
// NOTE(review): authKey and accessToken are fixed, guessable sample values that live in the
// source tree. The code that checks them is elided from this listing (presumably the
// IdentityInterface methods; confirm). Replace them with randomly generated values per user
// before using this class outside a demo.
private static $users = [
'100' => [
'id' => '100',
'username' => 'admin',
'authKey' => 'test100key',
'accessToken' => '100-token',
// Sample hash whose plaintext is published in the trailing comment: generate a fresh hash
// for every real account and do not record the plaintext next to it.
'passwordHash' => '$2y$10$/lVWm8iL07.zoBE.7nM8ueDSPiR8XwxyoAuZPfCclPZ3PscOXM.KK' // 123admin
],
...
];
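/**
 * Find the username for the specified user id.
 *
 * @param int|string $id id of the user to search for (a key of self::$users).
 * @return string Username if found, 'N/A' if not found.
 */
public static function findUsername($id)
{
    // Test for the record itself. The previous count() on an object or null is not a
    // valid existence check and raises a TypeError on PHP 8.
    if (!isset(self::$users[$id])) {
        return 'N/A';
    }

    $user = new static(self::$users[$id]);

    return $user->username;
}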
...
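/**
 * Validates a password against the stored hash of the current user.
 *
 * @param string $password password to validate
 * @return boolean true if the password matches $this->passwordHash, false otherwise
 *                 (including when no usable hash is stored for this user)
 */
public function validatePassword($password)
{
    // A record without a hash, or a non-string submission (e.g. an array posted in place of
    // the field), can never match. Reject it here so password_verify() is not handed a
    // null or an array.
    if (!is_string($password) || !is_string($this->passwordHash) || $this->passwordHash === '') {
        return false;
    }

    // password_verify() reads the algorithm, cost and salt from the hash itself and
    // compares in a timing-safe way; the plain-text comparison is intentionally gone.
    return password_verify($password, $this->passwordHash);
}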
}
Model file ''@app/models/PasswordForm''
hasErrors()) {
$this->addError($attribute, 'Invalid or unsupported password.');
}
}
/**
 * Hashes the submitted password once the form has passed validation.
 *
 * Despite the name this is a one-way hash, not encryption: the result can be checked
 * with password_verify() but cannot be turned back into the password.
 *
 * @return string|false the hash, or false when validation fails
 */
public function encrypt()
{
    if (!$this->validate()) {
        return false;
    }

    // PASSWORD_DEFAULT lets PHP choose the algorithm, so the prefix and length of the
    // returned string may differ between PHP versions.
    return password_hash($this->password, PASSWORD_DEFAULT);
}
}
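Password generation view. This is a tool to help generate password hashes for the User model. Copy the hash it produces and enter it in file ''@app/models/User.php'' as the passwordHash of the required user. Eg: 'passwordHash' => '$2y$10$/lVWm8iL07.zoBE.7nM8ueDSPiR8XwxyoAuZPfCclPZ3PscOXM.KK' // 123admin. Although the tool is labelled "Encrypt", password_hash() produces a one-way hash: it can be checked with password_verify() but cannot be decrypted.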
View ''@app/views/site/password''
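<?php
// NOTE(review): the opening of this view and its HTML tags were stripped when the page was
// extracted. The PHP tags, `$this->`, the ActiveForm::begin()/end() pair and the 'id' key are
// restored from what remains; the <h1>/<p> wrappers are minimal stand-ins. The `use` lines for
// Html and ActiveForm are not on the page and still have to be added at the top.
$this->title = 'Password Encryption';
$this->params['breadcrumbs'][] = $this->title;
?>
<?php // Encode on output like every other value in this view, even though a hash is expected. ?>
<p>Encrypted Password: <?= Html::encode($encrypted_password) ?></p>
<h1><?= Html::encode($this->title) ?></h1>
<p>Enter a password to encrypt:</p>
<?php $form = ActiveForm::begin([
    'id' => 'login-form',
    'options' => ['class' => 'form-horizontal'],
    'fieldConfig' => [
        'template' => "{label}\n{input}\n{error}",
        'labelOptions' => ['class' => 'col-lg-1 control-label'],
    ],
]); ?>
<?= $form->field($model, 'password')->passwordInput() ?>
<?= Html::submitButton('Encrypt', ['class' => 'btn btn-primary', 'name' => 'encrypt-button']) ?>
<?php ActiveForm::end(); ?>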
View ''@app/views/layout/main'' to call ''password'' view:
// Right-aligned top navigation. The "Admin" dropdown, which links to the password tool,
// is added only for the 'admin' user; everyone else gets an empty string in its place.
echo Nav::widget([
'options' => ['class' => 'navbar-nav navbar-right'],
'items' => [
['label' => 'Home', 'url' => ['/site/index']],
// Admin menu only: shown when the visitor is logged in and the identity's username is
// exactly 'admin'.
// NOTE(review): this check only hides the link. It does not protect /site/password; the
// controller action has to enforce the same restriction itself.
!Yii::$app->user->isGuest && Yii::$app->user->identity->username === 'admin' ?
['label' => 'Admin', 'url' => ['/site/admin'],
'items' => [
...
['label' => 'Encrypt User Password', 'url' => ['/site/password']],
]] :
'',
],
]);
NavBar::end();
?>
Controller ''@app/controllers/SiteController'' to display ''password'' view:
use app\models\PasswordForm;
...
class SiteController extends Controller
{
/**
 * Declares the controller's behaviors; the 'access' entry attaches the AccessControl
 * filter with the rules listed below.
 *
 * @return array behavior configurations
 */
public function behaviors()
{
return [
'access' => [
'class' => AccessControl::className(),
'rules' => [
[
// 'password' is added to the actions that require a logged-in user.
// NOTE(review): '@' matches every authenticated user, so any logged-in account can
// call actionPassword(), while the layout shows the menu link to 'admin' only. If the
// tool is meant for administrators, give 'password' its own rule that checks for that
// (for example with a matchCallback or an RBAC role) instead of relying on the hidden link.
'actions' => [..., 'password'],
'allow' => true,
'roles' => ['@'], // @ = Authenticated users
],
...
],
],
...
];
}
...
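/**
 * Shows the password-hash form and, after a valid submission, the hash of the
 * submitted password.
 *
 * The plain-text password arrives in the POST body, so this page should only be
 * served over HTTPS and the request body should not be logged.
 *
 * @return string the rendered 'password' view
 */
public function actionPassword()
{
    $encrypted_password = '';
    $model = new PasswordForm();

    if ($model->load(Yii::$app->request->post())) {
        // Hash once and reuse the result. Calling encrypt() twice validated and hashed the
        // password twice, and each call produces a different salted hash.
        $hash = $model->encrypt();
        if (is_string($hash) && $hash !== '') {
            // NOTE(review): setFlash() takes the flash key first, so this stores a flash
            // under the key 'Password encrypted' with the default value. Confirm that is
            // what the layout expects.
            Yii::$app->session->setFlash('Password encrypted');
            $encrypted_password = $hash;
        }
    }

    return $this->render('password', [
        'model' => $model,
        'encrypted_password' => $encrypted_password,
    ]);
}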
}