|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
/** |
|
4
|
|
|
* _ __ __ _____ _____ ___ ____ _____ |
|
5
|
|
|
* | | / // // ___//_ _// || __||_ _| |
|
6
|
|
|
* | |/ // /(__ ) / / / /| || | | | |
|
7
|
|
|
* |___//_//____/ /_/ /_/ |_||_| |_| |
|
8
|
|
|
* @link http://vistart.name/ |
|
9
|
|
|
* @copyright Copyright (c) 2016 vistart |
|
10
|
|
|
* @license http://vistart.name/license/ |
|
11
|
|
|
*/ |
|
12
|
|
|
|
|
13
|
|
|
namespace vistart\Models\components; |
|
14
|
|
|
|
|
15
|
|
|
use Yii; |
|
16
|
|
|
use yii\web\ForbiddenHttpException; |
|
17
|
|
|
|
|
18
|
|
|
/** |
|
19
|
|
|
* Description of SSOIdentity |
|
20
|
|
|
* This component needs MultiDomainsManager component. |
|
21
|
|
|
* Usage: |
|
22
|
|
|
* config/web.php (basic template) or config/main.php (advanced template): |
|
23
|
|
|
* ```php |
|
24
|
|
|
* $config = [ |
|
25
|
|
|
* ... |
|
26
|
|
|
* 'components' => [ |
|
27
|
|
|
* ... |
|
28
|
|
|
* 'multiDomainsManager' => [ |
|
29
|
|
|
* 'baseDomain' => <Base Domain>, |
|
30
|
|
|
* ], |
|
31
|
|
|
* 'user' => [ |
|
32
|
|
|
* 'class' => 'vistart\Models\components\SSOIdentity', |
|
33
|
|
|
* 'enableAutoLogin' => true, |
|
34
|
|
|
* 'identityClass' => <User Identity Class>, |
|
35
|
|
|
* 'identityCookie' => [ |
|
36
|
|
|
* 'name' => '_identity', |
|
37
|
|
|
* 'httpOnly' => true, |
|
38
|
|
|
* 'domain' => '.' . <Base Domain>, // same as Multi-Domains Manager's `baseDomain` property. |
|
39
|
|
|
* ], |
|
40
|
|
|
* ], |
|
41
|
|
|
* 'session' => [ |
|
42
|
|
|
* ... |
|
43
|
|
|
* 'cookieParams' => [ |
|
44
|
|
|
* 'domain' => '.' . <Base Domain>, // same as Multi-Domains Manager's `baseDomain` property. |
|
45
|
|
|
* 'lifetime' => 0, |
|
46
|
|
|
* ], |
|
47
|
|
|
* ... |
|
48
|
|
|
* ], |
|
49
|
|
|
* ... |
|
50
|
|
|
* ], |
|
51
|
|
|
* ]; |
|
52
|
|
|
* ``` |
|
53
|
|
|
* @since 2.0 |
|
54
|
|
|
* @author vistart <[email protected]> |
|
55
|
|
|
*/ |
|
56
|
|
|
class SSOIdentity extends \yii\web\User |
|
57
|
|
|
{ |
|
58
|
|
|
|
|
59
|
|
|
public $ssoDomain = 'sso'; |
|
60
|
|
|
public $loginUrl = ['sso/login']; |
|
61
|
|
|
public $multiDomainsManagerId = 'multiDomainsManager'; |
|
62
|
|
|
|
|
63
|
1 |
|
public function loginRequired($checkAjax = true) |
|
64
|
|
|
{ |
|
65
|
1 |
|
$request = Yii::$app->getRequest(); |
|
66
|
|
|
|
|
67
|
1 |
|
if ($this->enableSession && (!$checkAjax || !$request->getIsAjax())) { |
|
68
|
1 |
|
$this->setReturnUrl($request->getAbsoluteUrl()); |
|
69
|
1 |
|
} |
|
70
|
1 |
|
if ($this->loginUrl !== null) { |
|
71
|
1 |
|
$loginUrl = (array) $this->loginUrl; |
|
72
|
1 |
|
if ($loginUrl[0] !== Yii::$app->requestedRoute) { |
|
73
|
1 |
|
$ssoUrlManager = $this->getMultiDomainsManager()->get($this->ssoDomain); |
|
74
|
1 |
|
return Yii::$app->getResponse()->redirect($ssoUrlManager->createAbsoluteUrl($this->loginUrl)); |
|
75
|
|
|
} |
|
76
|
1 |
|
} |
|
77
|
1 |
|
throw new ForbiddenHttpException(Yii::t('yii', 'Login Required')); |
|
78
|
|
|
} |
|
79
|
|
|
|
|
80
|
1 |
|
protected function getMultiDomainsManager() |
|
81
|
|
|
{ |
|
82
|
1 |
|
if (!empty($this->multiDomainsManagerId) && is_string($this->multiDomainsManagerId)) { |
|
83
|
1 |
|
$mdId = $this->multiDomainsManagerId; |
|
84
|
1 |
|
return Yii::$app->$mdId; |
|
85
|
|
|
} |
|
86
|
1 |
|
return Yii::$app->multiDomainsManager; |
|
87
|
|
|
} |
|
88
|
|
|
} |
|
89
|
|
|
|
vistart /
yii2-models
