/**
 * Sets HTTP Basic authentication as the 'authenticator' behavior and writes
 * JSON / JSONP entries into the content negotiator's format map.
 *
 * @return array behavior configurations keyed by behavior name
 */
public function behaviors()
 {
     $config = parent::behaviors();
     $config['authenticator'] = ['class' => HttpBasicAuth::className()];

     // CORS background (original author's reasoning): preflight OPTIONS requests
     // are specified to carry no user credentials, and browsers differ in how
     // they treat a 401 answer to a preflight. The author's conclusion was to let
     // the server answer OPTIONS without requiring authentication.
     //
     // NOTE(review): nothing in this method implements that conclusion. The
     // authenticator above has no 'except' list, and the AccessControl rule the
     // author drafted for the 'options' action (allow guests, role '?') was left
     // disabled. If preflights must pass, exclude only the 'options' action on
     // the authenticator and keep every other action authenticated; confirm
     // against this controller's action list.

     // NOTE(review): a 'callback' query parameter switches the JSON reply to
     // JSONP. A JSONP body can be read by any page that loads it as a script, and
     // browsers attach cached Basic credentials to such requests, so JSONP should
     // be limited to data that is safe to expose cross-origin.
     $jsonFormat = \yii\web\Response::FORMAT_JSON;
     if (isset($_GET['callback'])) {
         $jsonFormat = \yii\web\Response::FORMAT_JSONP;
     }
     $config['contentNegotiator']['formats']['application/json'] = $jsonFormat;
     $config['contentNegotiator']['formats']['application/jsonp'] = \yii\web\Response::FORMAT_JSONP;

     return $config;
 }
 /**
  * Sets the 'authenticator' behavior to a CompositeAuth that lists HTTP Basic
  * and query-parameter authentication.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $config = parent::behaviors();

     // Two experiments were left disabled here by the original author:
     //  - a Basic-auth callback comparing the supplied username/password with
     //    values from the application params using `==`. If it is ever revived,
     //    compare secrets with hash_equals() so the check is type-strict and
     //    constant-time.
     //  - a ContentNegotiator override restricting responses to application/json.

     // NOTE(review): QueryParamAuth takes the token from the URL, where it can
     // end up in access logs, browser history and Referer headers. Prefer the
     // header-based method where clients allow it, and serve Basic auth only
     // over TLS because the credentials are merely base64-encoded.
     $methods = [HttpBasicAuth::className(), QueryParamAuth::className()];
     $config['authenticator'] = [
         'class' => CompositeAuth::className(),
         'authMethods' => $methods,
     ];

     return $config;
 }
 /**
  * @inheritdoc
  */
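 public function authenticate($user, $request, $response)
 {
     // Authenticates either through the configured `auth` callback (HTTP Basic
     // username/password) or, when no callback is set, through a signed JWT sent
     // in the `x-apitoken` header. Returns the identity on success, null when no
     // usable credentials were supplied or authentication failed.
     //
     // NOTE(review): the parent's result is discarded. Depending on what the
     // parent does (not visible here) this may authenticate or reject the request
     // a first time before the logic below runs; confirm the call is needed.
     parent::authenticate($user, $request, $response);

     $username = $request->getAuthUser();
     $password = $request->getAuthPassword();

     if ($this->auth) {
         if ($username === null && $password === null) {
             return null;
         }
         $identity = call_user_func($this->auth, $username, $password);
         if ($identity !== null) {
             $user->switchIdentity($identity);
         } else {
             $this->handleFailure($response);
         }
         return $identity;
     }

     $headers = Yii::$app->request->headers;
     if (!$headers->has('x-apitoken')) {
         return null;
     }

     // Read the key outside the try block so a missing configuration entry is
     // still reported as a server error instead of being masked as a 401.
     // NOTE(review): the parameter is named 'security-salt' but serves as the
     // HS256 signing key; it needs the strength and secrecy of a key.
     $signingKey = Yii::$app->params['security-salt'];
     try {
         $decoded = JWT::decode($headers->get('x-apitoken'), $signingKey, array('HS256'));
     } catch (\Exception $e) {
         // A malformed, expired or badly signed token is an authentication
         // failure, not an unhandled server error.
         $this->handleFailure($response);
         return null;
     }

     // Previously an absent/empty token claim fell through to an undefined
     // variable; it is now an explicit "no identity".
     if (!isset($decoded->token) || $decoded->token == '') {
         return null;
     }

     $identity = $user->loginByAccessToken($decoded->token, get_class($this));
     if ($identity === null) {
         // Return explicitly: the original went on to dereference the null
         // identity whenever handleFailure() did not throw.
         $this->handleFailure($response);
         return null;
     }

     // The original compared the usernames but returned the identity on either
     // outcome, so the check had no effect. A token whose username claim does
     // not match the account behind the access token is now rejected.
     // NOTE(review): loginByAccessToken() has presumably already switched the
     // identity at this point; this relies on handleFailure() aborting the
     // request. Confirm.
     if (!isset($decoded->username) || (string) $identity->username !== (string) $decoded->username) {
         $this->handleFailure($response);
         return null;
     }

     return $identity;
 }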
 /**
  * Adds a verb filter for one action and HTTP Basic authentication.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $config = parent::behaviors();

     // NOTE(review): the filter is keyed by 'indexWithQuote'. If the action id is
     // actually the hyphenated form of the method name, this entry never matches
     // and the GET-only restriction is not applied; verify the id.
     $config['verbs'] = [
         'class' => VerbFilter::className(),
         'actions' => [
             'indexWithQuote' => ['get'],
         ],
     ];

     // No 'auth' callback is configured, so credential handling is left to
     // HttpBasicAuth's default behaviour. Serve only over TLS.
     $config['authenticator'] = [
         'class' => HttpBasicAuth::className(),
     ];

     return $config;
 }
 /**
  * Sets the 'authenticator' behavior to a CompositeAuth listing HTTP Basic,
  * HTTP Bearer and query-parameter authentication, in that order.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $config = parent::behaviors();

     // A disabled line here used to map 'text/html' to the JSON format so that
     // JSON became the default reply.

     // NOTE(review): every method listed is an accepted way in. QueryParamAuth
     // carries the token in the URL (logs, history, Referer); drop it if clients
     // can send a header instead.
     $methods = [
         HttpBasicAuth::className(),
         HttpBearerAuth::className(),
         QueryParamAuth::className(),
     ];
     $config['authenticator'] = [
         'class' => CompositeAuth::className(),
         'authMethods' => $methods,
     ];

     return $config;
 }
 /**
  * @inheritdoc
  */
 public function behaviors()
 {
     // Clients authenticate by sending "Authorization: Basic base64(token:)",
     // i.e. the access token travels in the username field with an empty
     // password (per the original author's note). Base64 is not encryption, so
     // this must only be served over TLS.
     $config = parent::behaviors();

     $config['authenticator'] = [
         'class' => HttpBasicAuth::className(),
     ];

     // Allowed HTTP verbs per action; requests with any other verb are refused
     // by the filter.
     $allowedVerbs = [
         'index' => ['GET'],
         'view' => ['GET'],
         'create' => ['PUT'],
         'update' => ['POST', 'PATCH'],
         'delete' => ['DELETE'],
     ];
     $config['verbs'] = [
         'class' => VerbFilter::className(),
         'actions' => $allowedVerbs,
     ];

     return $config;
 }
 /**
  * @inheritdoc
  */
 public function behaviors()
 {
     // Run content negotiation up front so the detected response format is
     // already known when the authenticator configuration is built below.
     /** @var ContentNegotiator $contentNegotiator */
     $contentNegotiator = Yii::createObject([
         'class' => ContentNegotiator::className(),
         'formats' => [
             'text/html' => Response::FORMAT_HTML,
             'application/json' => Response::FORMAT_JSON,
             'application/xml' => Response::FORMAT_XML,
             'text/csv' => Response::FORMAT_CSV,
             'application/pdf' => Response::FORMAT_PDF,
             'application/vnd.ms-excel' => Response::FORMAT_XLS,
         ],
     ]);
     $contentNegotiator->negotiate();

     $inherited = parent::behaviors();

     // Basic / query-token authentication is offered only to guests requesting a
     // non-HTML format. Already-authenticated users and HTML requests get an
     // empty method list.
     // NOTE(review): with an empty list the 'access' rule below (role '@') is
     // what keeps guests out of HTML requests; confirm the authenticator lets
     // such requests through to it rather than rejecting or waving them past.
     $authenticator = ['class' => \yii\filters\auth\CompositeAuth::className()];
     $skipApiAuth = !Yii::$app->user->getIsGuest() || Yii::$app->response->format === Response::FORMAT_HTML;
     if ($skipApiAuth) {
         $authenticator['authMethods'] = [];
     } else {
         $authenticator['authMethods'] = [
             \yii\filters\auth\HttpBasicAuth::className(),
             \yii\filters\auth\QueryParamAuth::className(),
         ];
     }

     return array_merge($inherited, [
         'contentNegotiator' => $contentNegotiator,
         'authenticator' => $authenticator,
         // NOTE(review): the identity is read while the behaviors are being
         // built, i.e. before the authenticator above has run for this request.
         'rateLimiter' => [
             'class' => \yii\filters\RateLimiter::className(),
             'user' => Yii::$app->user->getIdentity(),
         ],
         'access' => [
             'class' => AccessControl::className(),
             'rules' => [
                 ['allow' => true, 'roles' => ['@']],
             ],
         ],
         'menu' => ['class' => ActiveNavigation::className()],
     ]);
 }
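 /**
  * Requires HTTP Basic authentication unless the client IP is on the
  * configured 'WithoutVerifyIP' list, in which case only the inherited
  * behaviors apply.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     // Listed IPs do not need to sign/authenticate their requests.
     // The comparison is strict so that an undetermined (null) client IP can
     // never match a loosely-equal list entry such as '' or 0.
     // NOTE(review): this bypass is only as trustworthy as the client IP. If the
     // application sits behind a proxy, confirm that forwarded-address headers
     // are honoured only from trusted proxies.
     $clientIp = yii::$app->request->getUserIP();
     if (in_array($clientIp, yii::$app->params['WithoutVerifyIP'], true)) {
         return parent::behaviors();
     }

     // NOTE(review): the 'auth' callable is named findByPasswordResetToken and is
     // invoked with (username, password), so the Basic username appears to be
     // looked up as a password-reset token and the password ignored. Reusing
     // reset tokens as API credentials deserves a second look.
     // NOTE(review): 'except' holds 'api/qiniu-callback'; confirm this id format
     // matches how the owner of these behaviors resolves action ids.
     return ArrayHelper::merge(parent::behaviors(), [
         'authenticator' => [
             'class' => HttpBasicAuth::className(),
             'auth' => 'common\\models\\User::findByPasswordResetToken',
             'except' => ['api/qiniu-callback'],
         ],
     ]);
 }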
 /**
  * Adds access rules (guests: index/search; role 'admin': all listed actions)
  * and HTTP Basic authentication that is skipped for index/search.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $config = parent::behaviors();

     $guestRule = [
         'allow' => true,
         'actions' => ['index', 'search'],
         'roles' => ['?'],
     ];
     $adminRule = [
         'allow' => true,
         'actions' => ['index', 'search', 'view', 'create', 'update', 'delete', 'options'],
         'roles' => ['admin'],
     ];
     // NOTE(review): 'access' is assigned before 'authenticator'. If the parent
     // does not already define an 'authenticator' key, the access check would
     // run before authentication and the admin rule could never match; confirm
     // the resulting order.
     $config['access'] = [
         'class' => AccessControl::className(),
         'rules' => [$guestRule, $adminRule],
     ];

     // Credentials are delegated to the User model; index/search stay public.
     $verifyCredentials = function ($username, $password) {
         return \app\models\User::findByUsernameAndPassword($username, $password);
     };
     $config['authenticator'] = [
         'class' => \yii\filters\auth\HttpBasicAuth::className(),
         'auth' => $verifyCredentials,
         'except' => ['index', 'search'],
     ];

     return $config;
 }
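 /**
  * Merges HTTP Basic authentication, backed by a username/password check
  * against the User model, into the inherited behaviors.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     return ArrayHelper::merge(parent::behaviors(), [
         'authenticator' => [
             'class' => HttpBasicAuth::className(),
             'auth' => function ($username, $password) {
                 $model = User::findOne(['username' => $username]);
                 // An unknown username must yield "no identity". Without this
                 // guard the lookup result was dereferenced directly, turning an
                 // unknown user into a server error instead of an auth failure
                 // (which also tells a caller which usernames exist).
                 if ($model !== null && $model->validatePassword($password)) {
                     return $model;
                 }
                 return null;
             },
         ],
     ]);
 }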
 /**
  * @return array
  */
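 public function behaviors()
 {
     // Accepts HTTP Basic (login + password checked against the User model),
     // HTTP Bearer, or a query-parameter token.
     $behaviors = parent::behaviors();

     $checkPassword = function ($username, $password) {
         $user = User::findByLogin($username);
         // Guard against a failed lookup: the original dereferenced the result
         // unconditionally, so an unknown login would raise an error instead of
         // being reported as an authentication failure.
         // NOTE(review): assumes findByLogin() returns null when nothing matches.
         if ($user === null) {
             return null;
         }
         return $user->validatePassword($password) ? $user : null;
     };

     $behaviors['authenticator'] = [
         'class' => CompositeAuth::className(),
         'authMethods' => [
             ['class' => HttpBasicAuth::className(), 'auth' => $checkPassword],
             HttpBearerAuth::className(),
             QueryParamAuth::className(),
         ],
     ];

     return $behaviors;
 }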
 /**
  * Adds composite authentication unless isActionPublic() reports the current
  * action as public, and forces the response format to JSON.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $config = parent::behaviors();

     // NOTE(review): whether authentication applies at all hinges on
     // isActionPublic(), which is not shown here; review it together with this
     // method.
     if (!$this->isActionPublic()) {
         $tokenAuth = [
             'class' => QueryParamAuth::className(),
             'tokenParam' => 'access_token',
         ];
         $passwordAuth = [
             'class' => HttpBasicAuth::className(),
             'auth' => [$this, 'authByPassword'],
         ];
         $config['authenticator'] = [
             'class' => CompositeAuth::className(),
             'authMethods' => [$tokenAuth, $passwordAuth],
         ];
     }

     // Side effect: every response of this controller is rendered as JSON.
     Yii::$app->response->format = Response::FORMAT_JSON;

     return $config;
 }
 /**
  * Configures authentication and role checks for the write actions, JSON/XML
  * content negotiation, and a verb filter for 'search-airport'.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $config = parent::behaviors();
     $writeActions = ['create', 'update', 'delete'];

     // Only the write actions are authenticated; every other action of the
     // controller is reachable without credentials.
     $config['authenticator'] = [
         'class' => HttpBasicAuth::className(),
         'auth' => [$this, 'auth'],
         'only' => $writeActions,
     ];

     $config['contentNegotiator'] = [
         'class' => ContentNegotiator::className(),
         'formats' => [
             'application/json' => Response::FORMAT_JSON,
             'application/xml' => Response::FORMAT_XML,
         ],
     ];

     // Role rules: admins and users may create/update, only admins may delete.
     $config['access'] = [
         'class' => AccessControl::className(),
         'ruleConfig' => ['class' => AccessRule::className()],
         'only' => $writeActions,
         'rules' => [
             [
                 'allow' => true,
                 'actions' => ['create', 'update'],
                 'roles' => [User::ROLE_ADMIN, User::ROLE_USER],
             ],
             [
                 'allow' => true,
                 'actions' => ['delete'],
                 'roles' => [User::ROLE_ADMIN],
             ],
         ],
     ];

     $config['verbs'] = [
         'class' => VerbFilter::className(),
         'actions' => [
             'search-airport' => ['post', 'get'],
         ],
     ];

     return $config;
 }
 /**
  * Sets HTTP Basic authentication whose credentials are checked by
  * User::findByUsernameAndPassword().
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $config = parent::behaviors();

     // The callback must return an identity object, or null to reject the
     // credentials (per the original author's note).
     $verify = function ($username, $password) {
         return User::findByUsernameAndPassword($username, $password);
     };

     $config['authenticator'] = [
         'class' => HttpBasicAuth::className(),
         'auth' => $verify,
     ];

     return $config;
 }
 /**
  * Adds a GET/HEAD verb filter for 'myCustomAction' and composite
  * authentication (HTTP Basic or query token) that skips that action.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $config = parent::behaviors();

     $config['verbs'] = [
         'class' => \yii\filters\VerbFilter::className(),
         'actions' => [
             'myCustomAction' => ['get', 'head'],
         ],
     ];

     // NOTE(review): 'myCustomAction' is exempt from authentication. Both this
     // exemption and the verb filter above depend on that string matching the
     // real action id; verify it.
     $config['authenticator'] = [
         'except' => ['myCustomAction'],
         'class' => CompositeAuth::className(),
         'authMethods' => [
             ['class' => HttpBasicAuth::className()],
             ['class' => QueryParamAuth::className()],
         ],
     ];

     // An earlier, disabled variant configured HttpBasicAuth alone with the same
     // exemption; it sat after the return statement and never ran.
     return $config;
 }
 /**
  * Sets composite authentication (HTTP Basic with a password check, or a query
  * token) for every action except 'access-token-by-user'.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $config = parent::behaviors();

     // Returns the matching user when the password validates, otherwise null.
     $passwordCheck = function ($username, $password) {
         $user = \common\models\User::findByUsername($username);
         if ($user == null) {
             return null;
         }
         return $user->validatePassword($password) ? $user : null;
     };

     // NOTE(review): 'access-token-by-user' is reachable without authentication;
     // presumably it performs its own credential check. Confirm in that action.
     $config['authenticator'] = [
         'except' => ['access-token-by-user'],
         'class' => CompositeAuth::className(),
         'authMethods' => [
             ['class' => HttpBasicAuth::className(), 'auth' => $passwordCheck],
             ['class' => QueryParamAuth::className()],
         ],
     ];

     return $config;
 }
 /**
  * Merges a CompositeAuth authenticator (HTTP Basic, HTTP Bearer, query
  * token) into the inherited behaviors.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $inherited = parent::behaviors();

     // NOTE(review): tokens accepted through the query string can leak via logs
     // and Referer headers; keep that method only if clients need it.
     $overrides = [
         'authenticator' => [
             'class' => CompositeAuth::className(),
             'authMethods' => [
                 HttpBasicAuth::className(),
                 HttpBearerAuth::className(),
                 QueryParamAuth::className(),
             ],
         ],
     ];

     return ArrayHelper::merge($inherited, $overrides);
 }
 /**
  * Merges composite authentication and a JSON-only content negotiator into
  * the inherited behaviors.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $inherited = parent::behaviors();

     // Basic and Bearer use header credentials; the third method reads the
     // token from the 'access_token' query parameter.
     $authenticator = [
         'class' => CompositeAuth::className(),
         'authMethods' => [
             HttpBasicAuth::className(),
             HttpBearerAuth::className(),
             ['class' => QueryParamAuth::className(), 'tokenParam' => 'access_token'],
         ],
     ];
     $negotiator = [
         'class' => 'yii\\filters\\ContentNegotiator',
         'formats' => [
             'application/json' => Response::FORMAT_JSON,
         ],
     ];

     return ArrayHelper::merge($inherited, [
         'authenticator' => $authenticator,
         'contentNegotiator' => $negotiator,
     ]);
 }
 /**
  * @inheritdoc
  */
 public function behaviors()
 {
     // Builds the full behavior list without consulting the parent: JSON content
     // negotiation, verb filtering from $this->verbs(), composite
     // authentication and rate limiting, attached in this order.
     $negotiator = [
         'class' => ContentNegotiator::className(),
         'formats' => [
             'application/json' => Response::FORMAT_JSON,
         ],
     ];
     $verbFilter = [
         'class' => VerbFilter::className(),
         'actions' => $this->verbs(),
     ];
     $authenticator = [
         'class' => CompositeAuth::className(),
         'authMethods' => [
             HttpBasicAuth::className(),
             HttpBearerAuth::className(),
             QueryParamAuth::className(),
         ],
     ];
     $rateLimiter = [
         'class' => RateLimiter::className(),
     ];

     return [
         'contentNegotiator' => $negotiator,
         'verbFilter' => $verbFilter,
         'authenticator' => $authenticator,
         'rateLimiter' => $rateLimiter,
     ];
 }
 /**
  * Merges HTTP Basic authentication (skipped for create, login and
  * resetpassword) and JSON/XML content negotiation into the inherited
  * behaviors.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $inherited = parent::behaviors();

     // NOTE(review): the three exempt actions are reachable anonymously and look
     // like account-creation / credential endpoints; they are the natural place
     // for throttling and uniform error responses.
     $publicActions = ['create', 'login', 'resetpassword'];

     $overrides = [
         'authenticator' => [
             'class' => HttpBasicAuth::className(),
             'except' => $publicActions,
         ],
         'contentNegotiator' => [
             'class' => ContentNegotiator::className(),
             'formats' => [
                 'application/json' => Response::FORMAT_JSON,
                 'application/xml' => Response::FORMAT_XML,
             ],
         ],
     ];

     return ArrayHelper::merge($inherited, $overrides);
 }
 /**
  * @inheritdoc
  */
 public function behaviors()
 {
     // Layer HTTP Basic authentication over whatever the parent defines. No
     // 'auth' callback is given, so credential handling is left to
     // HttpBasicAuth's default behaviour.
     $overrides = [
         'authenticator' => [
             'class' => HttpBasicAuth::className(),
         ],
     ];

     return ArrayHelper::merge(parent::behaviors(), $overrides);
 }
 /**
  * Sets a CompositeAuth authenticator whose only method is HTTP Basic.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $config = parent::behaviors();

     // A single-entry composite: further methods can be appended to the list
     // without changing the behavior's class.
     $config['authenticator'] = [
         'class' => CompositeAuth::className(),
         'authMethods' => [
             HttpBasicAuth::className(),
         ],
     ];

     return $config;
 }
 /**
  * Sets composite authentication that lists SessionAuth first and HTTP Basic
  * (checked by $this->authByPassword) second.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $config = parent::behaviors();

     // NOTE(review): SessionAuth is not shown here. If it accepts the browser's
     // session cookie, state-changing actions of this controller also need CSRF
     // protection; confirm.
     $sessionAuth = ['class' => SessionAuth::className()];
     $passwordAuth = [
         'class' => HttpBasicAuth::className(),
         'auth' => [$this, 'authByPassword'],
     ];

     $config['authenticator'] = [
         'class' => CompositeAuth::className(),
         'authMethods' => [$sessionAuth, $passwordAuth],
     ];

     return $config;
 }
 /**
  * Sets HTTP Basic authentication as the 'authenticator' behavior.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $config = parent::behaviors();

     // Applies to every action (no 'only' / 'except'). Basic credentials are
     // only base64-encoded, so the endpoint should be served over TLS.
     $config['authenticator'] = [
         'class' => HttpBasicAuth::className(),
     ];

     return $config;
 }
 /**
  * Sets composite authentication listing HTTP Bearer, an 'access_token' query
  * parameter, and HTTP Basic checked by $this->auth.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $config = parent::behaviors();

     $queryToken = [
         'class' => QueryParamAuth::className(),
         'tokenParam' => 'access_token',
     ];
     $basic = [
         'class' => HttpBasicAuth::className(),
         'auth' => [$this, 'auth'],
     ];

     // Order as configured: Bearer header, then query token, then Basic.
     $config['authenticator'] = [
         'class' => CompositeAuth::className(),
         'authMethods' => [
             HttpBearerAuth::className(),
             $queryToken,
             $basic,
         ],
     ];

     return $config;
 }
 /**
  * @inheritdoc
  */
 public function behaviors()
 {
     // Full behavior list, built without the parent's: JSON negotiation, verb
     // filter, authentication, access control and rate limiting, in this order.
     $negotiator = [
         'class' => ContentNegotiator::className(),
         'formats' => [
             'application/json' => Response::FORMAT_JSON,
         ],
     ];
     $verbFilter = [
         'class' => VerbFilter::className(),
         'actions' => $this->verbs(),
     ];

     // Reads (index, view) and CORS preflight (options) are public; every other
     // action must authenticate.
     $authenticator = [
         'class' => CompositeAuth::className(),
         'except' => ['index', 'view', 'options'],
         'authMethods' => [
             HttpBasicAuth::className(),
             HttpBearerAuth::className(),
             QueryParamAuth::className(),
         ],
     ];

     // Writes additionally require a logged-in user (role '@').
     $writeActions = ['create', 'update', 'delete'];
     $access = [
         'class' => AccessControl::className(),
         'only' => ['create', 'update', 'delete'],
         'rules' => [
             [
                 'actions' => $writeActions,
                 'allow' => true,
                 'roles' => ['@'],
             ],
         ],
     ];
     $rateLimiter = [
         'class' => RateLimiter::className(),
     ];

     return [
         'contentNegotiator' => $negotiator,
         'verbFilter' => $verbFilter,
         'authenticator' => $authenticator,
         'access' => $access,
         'rateLimiter' => $rateLimiter,
     ];
 }
 /**
  * Merges a per-action verb filter and composite authentication (HTTP Basic,
  * HTTP Bearer, query token) into the inherited behaviors.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $inherited = parent::behaviors();

     // NOTE(review): create and update also accept GET. If those actions change
     // state on a GET request, they can be triggered by links, prefetchers and
     // caches; restrict them to POST/PUT unless GET only renders a form.
     $allowedVerbs = [
         'index' => ['get'],
         'view' => ['get'],
         'create' => ['get', 'post'],
         'update' => ['get', 'put', 'post'],
         'delete' => ['post', 'delete'],
     ];

     $overrides = [
         'verbFilter' => [
             'class' => VerbFilter::className(),
             'actions' => $allowedVerbs,
         ],
         'authenticator' => [
             'class' => CompositeAuth::className(),
             'authMethods' => [
                 HttpBasicAuth::className(),
                 HttpBearerAuth::className(),
                 QueryParamAuth::className(),
             ],
         ],
     ];

     return ArrayHelper::merge($inherited, $overrides);
 }
 /**
  * Sets HTTP Basic authentication and registers a JSON-only ContentNegotiator
  * under the 'bootstrap' key.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $config = parent::behaviors();

     $config['authenticator'] = [
         'class' => HttpBasicAuth::className(),
     ];

     // NOTE(review): the negotiator is stored as 'bootstrap', not
     // 'contentNegotiator', so it is added alongside any negotiator the parent
     // already defines rather than replacing it; confirm that is intended.
     $config['bootstrap'] = [
         'class' => ContentNegotiator::className(),
         'formats' => [
             'application/json' => Response::FORMAT_JSON,
         ],
     ];

     return $config;
 }