Commit 85412adb by Carsten Brandt

perform API auth before configured User class may require login

This allows usage of AccessControl filter in API
parent fdface16
...@@ -105,10 +105,9 @@ class Controller extends \yii\web\Controller ...@@ -105,10 +105,9 @@ class Controller extends \yii\web\Controller
*/ */
public function beforeAction($action) public function beforeAction($action)
{ {
$this->authenticate($action);
if (parent::beforeAction($action)) { if (parent::beforeAction($action)) {
$this->authenticate($action);
$this->checkRateLimit($action); $this->checkRateLimit($action);
return true; return true;
} else { } else {
return false; return false;
...@@ -121,7 +120,6 @@ class Controller extends \yii\web\Controller ...@@ -121,7 +120,6 @@ class Controller extends \yii\web\Controller
public function afterAction($action, $result) public function afterAction($action, $result)
{ {
$result = parent::afterAction($action, $result); $result = parent::afterAction($action, $result);
return $this->serializeData($result); return $this->serializeData($result);
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment