First steps to use Yii2-usuario

After installing the extension and having configured everything, you need setup your application with the all the user related stuff, e.g.

Creating your first user

There are several ways to do that:

Creating the first Administrator during a migration

This is helpful e.g. when using you Yii2 applicatio with Docker and need to start the Docker Container with basic user settings.

We will create an adminuser with a adminisrator role.

Put this in your migration:

class m... extends Migration
    public function safeUp()
        $auth = Yii::$app->authManager;

        // create a role named "administrator"
        $administratorRole = $auth->createRole('administrator');
        $administratorRole->description = 'Administrator';

        // create permission for certain tasks
        $permission = $auth->createPermission('user-management');
        $permission->description = 'User Management';

        // let administrators do user management
        $auth->addChild($administratorRole, $auth->getPermission('user-management'));

        // create user "admin" with password "verysecret"
        $user = new \Da\User\Model\User([
            'scenario' => 'create', 
            'email' => "", 
            'username' => "admin", 
            'password' => "verysecret"  // >6 characters!
        $user->confirmed_at = time();

        // assign role to our admin-user
        $auth->assign($administratorRole, $user->id);

    public function safeDown()
        $auth = Yii::$app->authManager;

        // delete permission

        // delete admin-user and administrator role
        $administratorRole = $auth->getRole("administrator");
        $user = \Da\User\Model\User::findOne(['name'=>"admin"]);
        $auth->revoke($administratorRole, $user->id);


User Management

Having setup the admin user you can start using user management at


You should be prompted a login screen and the enter admin/verysecret.

Working with authentication

Usually access restrictions to controller actions care specified in behaviors().

Additionally, in your code you can directly use permission checks. This is helpful e.g. in ./views/layouts/main.php.


// Is current user a guest (not signed in?)
if (Yii::$app->user->isGuest) {

// Get roles of user
$roles = Yii::$app->authManager->getRolesByUser(Yii::$app->user->getId());

// Does current user have permission to do "user-management"?
if (Yii::$app->user->can("user-management")) {

It is helpful to basically understand how Yii2 does authantication. The you can get in Yii2-usuario more quickly.