Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
Y
yii2
Project
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
PSDI Army
yii2
Commits
22189b3b
Commit
22189b3b
authored
Apr 06, 2014
by
Qiang Xue
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
doc fix [skip ci]
parent
597e470c
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
28 additions
and
14 deletions
+28
-14
rest.md
docs/guide/rest.md
+28
-14
No files found.
docs/guide/rest.md
View file @
22189b3b
...
...
@@ -607,39 +607,49 @@ To enable authentication for your APIs, do the following two steps:
in your REST controller classes.
2.
Implement
[
[yii\web\IdentityInterface::findIdentityByAccessToken()
]
] in your
[
[yii\web\User::identityClass|user identity class
]
].
For example, to enable all three authentication methods explained above, you can configure
`authenticator`
like following,
For example, to use HTTP Basic Auth, you may configure
`authenticator`
as follows,
```
php
use
yii\helpers\ArrayHelper
;
use
yii\filters\auth\HttpBasicAuth
;
public
function
behaviors
()
{
return
array_
merge
(
parent
::
behaviors
(),
[
return
ArrayHelper
::
merge
(
parent
::
behaviors
(),
[
'authenticator'
=>
[
'authMethods'
=>
[
\yii\filters\auth\HttpBasicAuth
::
className
(),
\yii\filters\auth\QueryParamAuth
::
className
(),
\yii\filters\auth\HttpBearerAuth
::
className
(),
],
'class'
=>
HttpBasicAuth
::
className
(),
],
]);
}
```
Each element in
`authMethods`
should be an auth method class name or a configuration array. An auth class
must implement
[
[yii\rest\AuthInterface
]
].
If you only want to a single authentication method, such as HTTP Basic Auth, you may use the following code:
If you want to support all three authentication methods explained above, you can use
`CompositeAuth`
like the following,
```
php
use
yii\helpers\ArrayHelper
;
use
yii\filters\auth\CompositeAuth
;
use
yii\filters\auth\HttpBasicAuth
;
use
yii\filters\auth\HttpBearerAuth
;
use
yii\filters\auth\QueryParamAuth
;
public
function
behaviors
()
{
return
array_
merge
(
parent
::
behaviors
(),
[
return
ArrayHelper
::
merge
(
parent
::
behaviors
(),
[
'authenticator'
=>
[
'class'
=>
\yii\filters\auth\HttpBasicAuth
::
className
(),
'class'
=>
CompositeAuth
::
className
(),
'authMethods'
=>
[
HttpBasicAuth
::
className
(),
HttpBearerAuth
::
className
(),
QueryParamAuth
::
className
(),
],
],
]);
}
```
Each element in
`authMethods`
should be an auth method class name or a configuration array.
Implementation of
`findIdentityByAccessToken()`
is application specific. For example, in simple scenarios
when each user can only have one access token, you may store the access token in an
`access_token`
column
...
...
@@ -727,10 +737,14 @@ will thrown a [[yii\web\TooManyRequestsHttpException]] if rate limit is exceeded
as follows in your REST controller classes,
```
php
use
yii\helpers\ArrayHelper
;
use
yii\filters\RateLimiter
;
public
function
behaviors
()
{
return
array_
merge
(
parent
::
behaviors
(),
[
return
ArrayHelper
::
merge
(
parent
::
behaviors
(),
[
'rateLimiter'
=>
[
'class'
=>
RateLimiter
::
className
(),
'enableRateLimitHeaders'
=>
false
,
],
]);
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment