PHP web\User類代碼示例

 /**
  * @inheritdoc
  */
 public function afterLogout($identity)
 {
     parent::afterLogout($identity);
     // обновляем время авторизации и статус online
     if ($identity && $identity instanceof \nepster\users\models\User) {
         $identity->time_activity = time();
         $identity->save(false);
     }
 }

 /**
  * check the permission, if we rewrite and controller, the controller id and module id is not changed
  * @param \yii\base\Action $action
  * @param \yii\web\User $user
  * @param \yii\web\Request $request
  * @return bool
  */
 public function matchActionAccess($action, $user, $request)
 {
     if ($user->getIsGuest()) {
         return false;
     }
     /** @var \core\auth\Module $authModule */
     $authModule = \Yii::$app->getModule('core_auth');
     foreach ($authModule->getAdmins() as $key => $admin) {
         if ($user->getIdentity()->username == $admin['username']) {
             return true;
         }
     }
     if ($action->controller->module instanceof Application) {
         $key = 'default' . '_' . $action->controller->id . '_' . $action->id;
     } else {
         $key = $action->getUniqueId();
         $key = explode('/', $key);
         array_shift($key);
         $key = implode('_', $key);
     }
     $key = lcfirst(implode('', array_map(function ($k) {
         return ucfirst($k);
     }, explode('-', $key))));
     return $user->can($key, $this->params);
 }

 /**
  * Denies the access of the user.
  * The default implementation will redirect the user to the login page if he is a guest;
  * if the user is already logged, a 403 HTTP exception will be thrown.
  * @param Yii\web\User $user the current user
  * @throws Yii\web\ForbiddenHttpException if the user is already logged in.
  */
 protected function denyAccess($user)
 {
     if ($user->getIsGuest()) {
         $user->loginRequired();
     } else {
         $this->ajaxOnly();
     }
 }

 /**
  * Denies the access of the user.
  * The default implementation will redirect the user to the login page if he is a guest;
  * if the user is already logged, a 403 HTTP exception will be thrown.
  * @param  User $user the current user
  * @throws ForbiddenHttpException if the user is already logged in.
  */
 protected function denyAccess($user)
 {
     if ($user->getIsGuest()) {
         $user->loginRequired();
     } else {
         throw new ForbiddenHttpException(Yii::t('yii', 'You are not allowed to perform this action.'));
     }
 }

 /**
  * 拒絕訪問
  * @param \yii\web\User $user
  * @throws ForbiddenHttpException
  */
 protected function denyAccess($user)
 {
     if ($user->getIsGuest()) {
         Yii::$app->getSession()->setFlash('danger', Yii::t('common', 'You have not login, please login first.'));
         $user->loginRequired();
     } else {
         //檢查權限是否有配置
         //             $this->checkAuthItem();
         throw new ForbiddenHttpException(Yii::t('yii', 'You are not allowed to perform this action.'));
     }
 }

 /**
  * Matches the web User object against the specified platform roles.
  * 
  * @param \yii\web\User $user
  * @return bool
  */
 public function matchUserRoles($user)
 {
     if (empty($this->userRoles)) {
         return true;
     }
     foreach ($this->userRoles as $role) {
         if (Role::check($role, $user->getRole())) {
             return true;
         }
     }
     return false;
 }

 /**
  * Authenticates the current user.
  *
  * @param \yii\web\User     $user
  * @param \yii\web\Request  $request
  * @param \yii\web\Response $response
  *
  * @return \yii\web\IdentityInterface the authenticated user identity. If authentication information is not
  *                                    provided, null will be returned.
  * @throws \yii\web\UnauthorizedHttpException if authentication information is provided but is invalid.
  */
 public function authenticate($user, $request, $response)
 {
     /** @var array $request */
     /** @noinspection PhpUndefinedFieldInspection */
     $request = Json::decode($request->rawBody);
     $token = ArrayHelper::getValue($request, $this->accessTokenPath);
     if (!$token || !($identity = $user->loginByAccessToken($token))) {
         \Yii::$app->session->remove(TokenAuth::DEFAULT_TOKEN_PATH);
         throw new UnauthorizedHttpException('Incorrect or expired token provided');
     }
     \Yii::$app->session->set(TokenAuth::DEFAULT_TOKEN_PATH, $token);
     return $identity;
 }

 /**
  * Denies the access of the user.
  * The default implementation will redirect the user to the login page if he is a guest;
  * if the user is already logged, a 403 HTTP exception will be thrown.
  * @param User $user the current user
  * @throws ForbiddenHttpException if the user is already logged in.
  */
 protected function denyAccess($user)
 {
     $rr = new RequestResponse();
     if ($user->getIsGuest()) {
         $authUrl = UrlHelper::construct("admin/auth")->setCurrentRef()->enableAdmin()->createUrl();
         if (\Yii::$app->request->isAjax && !\Yii::$app->request->isPjax) {
             $rr->redirect = $authUrl;
             return (array) $rr;
         } else {
             \Yii::$app->getResponse()->redirect($authUrl);
         }
     } else {
         throw new ForbiddenHttpException(\Yii::t('yii', \Yii::t('app', 'You are not allowed to perform this action.')));
     }
 }

 /**
  * @inheritdoc
  */
 public function loginRequired($checkAjax = true, $checkAcceptHeader = true)
 {
     if ($this->enableSession && (!$checkAjax || !Yii::$app->getRequest()->getIsAjax())) {
         Yii::$app->session->setFlash('flash-warning', HUsers::t('messages', 'This page is restricted to authenticated users'));
     }
     return parent::loginRequired($checkAjax, $checkAcceptHeader);
 }

 /**
  * Initializes the User component
  */
 public function init()
 {
     if ($this->identityClass == null) {
         $this->identityClass = 'comyii\\user\\models\\User';
     }
     parent::init();
 }

 public function interception($event)
 {
     if (!isset(Yii::$app->i18n->translations['db_rbac'])) {
         Yii::$app->i18n->translations['db_rbac'] = ['class' => 'yii\\i18n\\PhpMessageSource', 'sourceLanguage' => 'ru-Ru', 'basePath' => '@developeruz/db_rbac/messages'];
     }
     $route = Yii::$app->getRequest()->resolve();
     //Проверяем права по конфигу
     $this->createRule();
     $user = Instance::ensure(Yii::$app->user, User::className());
     $request = Yii::$app->getRequest();
     $action = $event->action;
     if (!$this->cheсkByRule($action, $user, $request)) {
         //И по AuthManager
         if (!$this->checkPermission($route)) {
             //Если задан $login_url и пользователь не авторизован
             if (Yii::$app->user->isGuest && $this->login_url) {
                 Yii::$app->response->redirect($this->login_url)->send();
                 exit;
             }
             //Если задан $redirect_url
             if ($this->redirect_url) {
                 Yii::$app->response->redirect($this->redirect_url)->send();
                 exit;
             } else {
                 throw new ForbiddenHttpException(Yii::t('db_rbac', 'Недостаточно прав'));
             }
         }
     }
 }

 public function init()
 {
     parent::init();
     if ($this->userConfig !== null) {
         $this->userConfig = Instance::ensure($this->userConfig, UserConfig::className());
     }
 }

 /**
  * 初始化方法
  */
 public function init()
 {
     parent::init();
     //獲取user實例
     $this->user = Instance::ensure($this->user, User::className());
     $this->user_info = $this->user->identity;
 }

 /**
  * Checks if the user can perform the operation as specified by the given permission.
  *
  * Note that you must configure "authManager" application component in order to use this method.
  * Otherwise an exception will be thrown.
  *
  * @param string $permissionName the name of the permission (e.g. "edit post") that needs access check.
  * @param array $params name-value pairs that would be passed to the rules associated
  * with the roles and permissions assigned to the user. A param with name 'user' is added to
  * this array, which holds the value of [[id]].
  * @param boolean $allowCaching whether to allow caching the result of access check.
  * When this parameter is true (default), if the access check of an operation was performed
  * before, its result will be directly returned when calling this method to check the same
  * operation. If this parameter is false, this method will always call
  * [[\yii\rbac\ManagerInterface::checkAccess()]] to obtain the up-to-date access result. Note that this
  * caching is effective only within the same request and only works when `$params = []`.
  * @return boolean whether the user can perform the operation as specified by the given permission.
  * @SuppressWarnings(PHPMD.BooleanArgumentFlag)
  */
 public function can($permissionName, $params = [], $allowCaching = true)
 {
     if (!$this->getIsGuest() && $this->getIdentity()->isSuperUser()) {
         return true;
     }
     return parent::can($permissionName, $params, $allowCaching);
 }

 /**
  * Get user
  * @return User
  */
 public function getUser()
 {
     if (!$this->_user instanceof User) {
         $this->_user = Instance::ensure($this->_user, User::className());
     }
     return $this->_user;
 }