PHPackages infoweb-internet-solutions/yii2-cms-user - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. infoweb-internet-solutions/yii2-cms-user ActiveYii2-extension[Authentication & Authorization](/categories/authentication) infoweb-internet-solutions/yii2-cms-user ======================================== Flexible user registration and authentication module for Yii2 1.1(10y ago)58903[3 issues](https://github.com/infoweb-internet-solutions/yii2-cms-user/issues)1MITPHP Since Jan 5Pushed 9y ago4 watchersCompare [ Source](https://github.com/infoweb-internet-solutions/yii2-cms-user)[ Packagist](https://packagist.org/packages/infoweb-internet-solutions/yii2-cms-user)[ RSS](/packages/infoweb-internet-solutions-yii2-cms-user/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependencies (2)Versions (7)Used By (1) CMS user module for Yii 2 ========================= [](#cms-user-module-for-yii-2) Docs ---- [](#docs) - [Documentation](http://yii2-user.readthedocs.org/en/latest/). Installation ------------ [](#installation) The preferred way to install this extension is through [composer](http://getcomposer.org/download/). Either run ``` php composer.phar require infoweb-internet-solutions/yii2-cms-user "*" ``` or add ``` "infoweb-internet-solutions/yii2-user": "*" ``` to the require section of your `composer.json` file. Usage ----- [](#usage) Once the extension is installed, simply modify your backend configuration as follows: ``` return [ 'components' => [ ... // Replace default user component: 'user' => [ 'identityClass' => 'infoweb\user\models\User', 'enableAutoLogin' => true, ], // Add to views 'view' => [ 'theme' => [ 'pathMap' => [ ... '@dektrium/user/views' => '@infoweb/user/views' ] ] ], ], ... 'modules' => [ 'user' => [ 'class' => 'dektrium\user\Module', 'enableUnconfirmedLogin' => true, 'confirmWithin' => 21600, 'cost' => 12, 'admins' => ['infoweb', 'admin'], 'modelMap' => [ 'User' => 'infoweb\user\models\User', 'UserSearch' => 'infoweb\user\models\UserSearch', 'Profile' => 'infoweb\user\models\Profile', ], 'controllerMap' => [ 'admin' => 'infoweb\user\controllers\AdminController', 'settings' => 'infoweb\user\controllers\SettingsController', 'security' => 'infoweb\user\controllers\SecurityController', ], 'modules' => [ // Register the custom module as a submodule 'infoweb-user' => [ 'class' => 'infoweb\user\Module' ] ] ], ], ... 'as access' => [ 'class' => 'infoweb\user\components\AccessControl', 'user' => 'infoweb\user\models\WebUser', 'allowActions' => [ 'user/recovery/*', 'user/security/logout', 'user/registration/*' ], ], ]; ``` To use the module, execute yii migration ``` yii migrate/up --migrationPath=@vendor/infoweb-internet-solutions/yii2-cms-user/migrations yii migrate/up --migrationPath=@vendor/dektrium/yii2-user/migrations ``` Separate frontend and backend user ---------------------------------- [](#separate-frontend-and-backend-user) If you want to use separate sessions for users of the frontend and backend application, a couple of configurations have to be updated. 1. Bootstrap the **session** component in `backend/config/main.php` ``` 'bootstrap' => ['session'...], ``` 2. Set the **identityCookie** of the **user** component and update the **request** and **session** components in `backend/config/main.php` ``` 'components' => [ ... 'user' => [ ... 'identityCookie' => [ 'name' => '_backendIdentity', 'path' => '/admin', 'httpOnly' => true, ], ], ... 'request' => [ 'class' => 'common\components\Request', 'web'=> '/backend/web', 'adminUrl' => '/admin', 'csrfParam' => '_backendCSRF', ], 'session' => [ 'name' => 'PHPSESSID', 'cookieParams' => [ 'httpOnly' => true, 'path' => '/admin', ], ], ... ] ``` 3. Bootstrap the **session** component in `frontend/config/main.php` ``` 'bootstrap' => ['session'...], ``` 4. Update the **user**, **request** and **session** components in `frontend/config/main.php` ``` ... 'user' => [ 'identityClass' => 'infoweb\user\models\frontend\User', 'enableAutoLogin' => true, 'identityCookie' => [ 'name' => '_frontendIdentity', 'path' => '/', 'httpOnly' => true, ], ], 'request'=>[ 'class' => 'common\components\Request', 'web' => '/frontend/web', 'csrfParam' => '_frontendCSRF', ], 'session' => [ 'name' => 'PHPFRONTSESSID', 'cookieParams' => [ 'httpOnly' => true, 'path' => '/', ], ], ... ``` 5. At this point you can implement the `models/frontend/LoginForm.php` and `models/frontend/SignupForm.php` models and create views and controller actions for them. 6. Some sort of access control has to be implemented in your frontend controllers to determine which actions are allowed for a frontend user. This can be done through a rbac role of by implementing an access filter as a behavior. ``` public function behaviors() { return [ 'access' => [ 'class' => AccessControl::className(), 'rules' => [ // Login and signup pages are accessible for guests [ 'actions' => ['login','signup', 'request-password-reset'], 'allow' => true, 'roles' => ['?','@'], ], // Logout page is accessible for authenticated users [ 'actions' => ['logout'], 'allow' => true, 'roles' => ['@'], ], // These actions are accessible for authenticated users [ 'actions' => [...], 'allow' => true, 'roles' => ['@'], ], ... ], // If access is denied, redirect to the login page 'denyCallback' => function ($rule, $action) { $this->redirect(['/'])->send(); } ], 'verbs' => [ 'class' => VerbFilter::className(), 'actions' => [ 'logout' => ['post'], ], ], ]; } ``` ### Health Score 31 — LowBetter than 68% of packages Maintenance8 Infrequent updates — may be unmaintained Popularity21 Limited adoption so far Community18 Small or concentrated contributor base Maturity67 Established project with proven stability Bus Factor2 2 contributors hold 50%+ of commits How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~48 days Total 5 Last Release 3953d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/7a977fc12b7f6eba9255863c5d9512e400457c69dd67a4b1df82dbc38908768d?d=identicon)[infoweb-internet-solutions](/maintainers/infoweb-internet-solutions) --- Top Contributors [![infoweb-internet-solutions](https://avatars.githubusercontent.com/u/8706156?v=4)](https://github.com/infoweb-internet-solutions "infoweb-internet-solutions (50 commits)")[![rubenheymans](https://avatars.githubusercontent.com/u/2543870?v=4)](https://github.com/rubenheymans "rubenheymans (45 commits)")[![fabiomaggio](https://avatars.githubusercontent.com/u/729877?v=4)](https://github.com/fabiomaggio "fabiomaggio (4 commits)")[![kurt0015](https://avatars.githubusercontent.com/u/2662926?v=4)](https://github.com/kurt0015 "kurt0015 (2 commits)") --- Tags yii2User managementyii2-userinfoweb ### Embed Badge ![Health badge](/badges/infoweb-internet-solutions-yii2-cms-user/health.svg) ``` [![Health](https://phpackages.com/badges/infoweb-internet-solutions-yii2-cms-user/health.svg)](https://phpackages.com/packages/infoweb-internet-solutions-yii2-cms-user) ``` ### Alternatives [2amigos/yii2-usuario Highly customizable and extensible user management, authentication, and authorization Yii2 extension 298275.5k14](/packages/2amigos-yii2-usuario)[yii2mod/yii2-user User module 2817.3k1](/packages/yii2mod-yii2-user) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)