perform API auth before configured User class may require login

This allows usage of AccessControl filter in API

perform API auth before configured User class may require login
85412adb · Carsten Brandt · fdface16 · 85412adb
Commit 85412adb authored Mar 27, 2014 by Carsten Brandt
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 3 deletions

Controller.php framework/rest/Controller.php +1 -3

No files found.
--- a/framework/rest/Controller.php
+++ b/framework/rest/Controller.php
@@ -105,10 +105,9 @@ class Controller extends \yii\web\Controller
     */
    public function beforeAction($action)
    {
+        $this->authenticate($action);
        if (parent::beforeAction($action)) {
-            $this->authenticate($action);
            $this->checkRateLimit($action);
-
            return true;
        } else {
            return false;
@@ -121,7 +120,6 @@ class Controller extends \yii\web\Controller
    public function afterAction($action, $result)
    {
        $result = parent::afterAction($action, $result);
-
        return $this->serializeData($result);
    }