In this chapter, you learned how to apply user authentication and authorization to an app. The first step was to create an authenticated access to the application. For this purpose, we created a database table to manage users and associated it to the Yii user component through a user model that extends IdentityInterface.

The first example in this chapter was building a login form to authenticate the user. The next step was to control which actions a user can perform or not, and this was the case for the authorization phase too. As you saw, Yii provides two solutions for this matter: ACF and RBAC. We configured a controller to use ACF and then you saw how RBAC is a more powerful tool to manage user authorization with more granularity. Finally, ...