This article tries to explain the steps required in integrating the HybridAuth into Yii directly, without using an extension.
The reason for not using an existing extension, such as hoauth is because the extension assumes a pre-defined database table structure to be used. An application i am developing, already had the direct login system implemented (where the user enters his/her email and password for signing-in or signing-up.) Now i had to integrate the social login feature into the existing system. Also, i required the flexibility that the user can login once through their Google Account, next time through their Facebook account, yet another time through LinkedIn etc.
Lets assume a login html similar to the example shown in the HybridAuth documentation link:
http://hybridauth.sourceforge.net/userguide/Integrating_HybridAuth_Social_Login.html
I am going to use different actions within the SiteController for:
Logging through the traditional system of username(email)/password (through a 'signIn' action)
Social Login (through a 'login' action)
This is just for making the tutorial easy, and trying to have different functions for different user actions. You can choose to implement both these options in the same action.
The html for traditional login would be something like this:
The html for Social Login could be:
I am going to concentrate only on actionLogin() and not actionSignIn().
Initial Setup of HybridAuth
Download the latest version of HybridAuth (version 2.1.2 as of this writing) from the link:
http://hybridauth.sourceforge.net/download.html#index
Extract the contents to some folder in your application, lets say the extensions folder.
Create a php file named HybridAuthIdentity, in the components folder.
This class extends from the CUserIdentity class. (Note that this is not very important. I am just trying to show the way i have done it).
The overall directory structure assumed in this tutorial is:
HybridAuthIdentity Constructor
This new class has the following initial code:
Within the constructor the following steps occur:
Import the Auth.php file
Set the configuration parameters (in this tutorial, the configuration for HybridAuth is stored within the HybridAuthIdentity class, and there is no need for a seperate config.php file. Notice the 'base_url' address in the config parameters. The url points to a 'socialLogin' action in SiteController, which would be created in sometime.
Create a new Hybrid_Auth object.
The '$allowedProviders' property is used for validation purpose.
SiteController actions
Two actions are required in this controllers:
One for the login action, when the user clicks a particular provider image.
Second is the 'socialLogin' action that has been mentioned as the url for HybridAuth config.
Step 1: actionLogin():
Explanation of the actionLogin() function:
Check if the $_GET['provider'] parameter was received from the client. If not, redirect the user as required.
Import the HybridAuthIdentity class (if the components folder is not defined to be auto-imported).
Validate the $_GET['provider'] parameter to confirm that the provider name is within the list of allowed providers.
The next two lines, initializing the adapter and userProfile, are lifted directly from HybridAuth. For explanation refer to the HybridAuth documentation.
Step 2: actionSocialLogin():
Explanation:
This action just requires importing of the index.php file of HybridAuth.
Registering with the Service Providers:
For registering with the service providers, mention the Callback Url as 'https://mysite.com/site/socialLogin?hauth.done=providerName'
Replace providerName with the actual provider name.
Example callback URLs:
https://mysite.com/site/socialLogin?hauth.done=Google
https://mysite.com/site/socialLogin?hauth.done=Facebook
https://mysite.com/site/socialLogin?hauth.done=LinkedIn
Note: With this setup process, the install method mentioned in the HybridAuth documentation need not be executed. But remember to delete the install.php file (with or without executing it).
Logging into the Yii Authentication Framework
After the authentication, the code for redirecting the user to the logged in section is completely as per individual requirements.
At the minimum, you can login the user into Yii:
The authenticate() code simply returns true unconditionally.
Call the login() function after authentication in actionLogin() of SiteController and then redirect the user to the user module/controller.
Any suggestions to further improve the code or the wiki are welcome.