fitness-web/common/models/LoginForm.php

<?php
namespace common\models;

use Yii;
use yii\base\Model;

/**
 * Login form
 */
class LoginForm extends Model
{
    public $username;
    public $password;
    public $rememberMe = true;

    private $_user;
    
    public $roles = null ;


    /**
     * @inheritdoc
     */
    public function rules()
    {
        return [
            // username and password are both required
            [['username', 'password'], 'required'],
            // rememberMe must be a boolean value
            ['rememberMe', 'boolean'],
            // password is validated by validatePassword()
            ['password', 'validatePassword'],
        ];
    }
    
    public function attributeLabels(){
    	return [
    			'username' =>Yii::t('common/site', 'Username'),
    			'password' =>Yii::t('common/site', 'Password'),
    			'rememberMe' =>Yii::t('common/site', 'Remember me'),
    	];
    }

    /**
     * Validates the password.
     * This method serves as the inline validation for password.
     *
     * @param string $attribute the attribute currently being validated
     * @param array $params the additional name-value pairs given in the rule
     */
    public function validatePassword($attribute, $params)
    {
        if (!$this->hasErrors()) {
            $user = $this->getUser();
            if (!$user || !$user->validatePassword($this->password)) {
                $this->addError($attribute, 'Incorrect username or password.');
            }
        }
    }

    /**
     * Logs in a user using the provided username and password.
     *
     * @return boolean whether the user is logged in successfully
     */
    public function login()
    {
        if ($this->validate()) {
            return Yii::$app->user->login($this->getUser(), $this->rememberMe ? 3600 * 24 * 30 : 0);
        } else {
            return false;
        }
    }

    /**
     * Finds user by [[username]]
     *
     * @return User|null
     */
    protected function getUser()
    {
        if ($this->_user === null) {
            $this->_user = User::findByUsername($this->username);
        }
        
        if ( $this->_user != null ){
        	if ( $this->roles != null ){
		        $canLogin = false;
        		foreach ($this->roles as $role){
        			$canLogin = $canLogin || Yii::$app->authManager->checkAccess($this->_user->id, $role);
        		}
        		
        		if ( !$canLogin ){
        			\Yii::info("user ".$this->_user->username." has no permission to login to administration area!");
        			$this->_user = null;
        		}
        	}
        }
        
        return $this->_user;
    }
}