示例#1
0
 /**
  * @inheritdoc
  */
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['rateLimiter'] = ['class' => RateLimiter::className(), 'enableRateLimitHeaders' => false];
     $behaviors['contentNegotiator'] = ['class' => ContentNegotiator::className(), 'formats' => ['application/json' => Response::FORMAT_JSON]];
     return $behaviors;
 }
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     /*
     // test with basic auth which can be set in params
     $behaviors['authenticator'] = [
     'class' => HttpBasicAuth::className(),
     'auth'  => function ($username, $password) {
         if ($username==\Yii::$app->params['HttpBasicAuth']['username'] && $password==\Yii::$app->params['HttpBasicAuth']['password']) {
             return new User();
         } else {
             return null;
         }
     }];
     */
     $behaviors['authenticator'] = ['class' => CompositeAuth::className(), 'authMethods' => [HttpBasicAuth::className(), QueryParamAuth::className()]];
     /*
     //set response header to application/json only
     $behaviors['contentNegotiator'] = [
             'class' => ContentNegotiator::className(),
             'formats' => [
                 'application/json' => Response::FORMAT_JSON,
     //            'application/xml' => Response::FORMAT_XML,
             ],
     ];
     */
     return $behaviors;
 }
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['authenticator'] = ['class' => HttpBasicAuth::className()];
     /*
      * The W3 spec for CORS preflight requests clearly states that user credentials should be excluded. 
      * There is a bug in Chrome and WebKit where OPTIONS requests returning a status of 401 still send 
      * the subsequent request.
      *
      * Firefox has a related bug filed that ends with a link to the W3 public webapps mailing list asking 
      * for the CORS spec to be changed to allow authentication headers to be sent on the OPTIONS request 
      * at the benefit of IIS users. Basically, they are waiting for those servers to be obsoleted.
      * 
      * How can I get the OPTIONS request to send and respond consistently?
      * 
      * Simply have the server (API in this example) respond to OPTIONS requests without requiring authentication. 
      */
     /*$behaviors['access'] = [
           'class' => AccessControl::className(),
           'only' => ['options'],
           'rules' => [
               [
                   'allow' => true,
                   'roles' => '?',
               ],
           ]
       ];*/
     $behaviors['contentNegotiator']['formats']['application/json'] = isset($_GET['callback']) ? \yii\web\Response::FORMAT_JSONP : \yii\web\Response::FORMAT_JSON;
     $behaviors['contentNegotiator']['formats']['application/jsonp'] = \yii\web\Response::FORMAT_JSONP;
     return $behaviors;
 }
示例#4
0
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['verbs'] = ['class' => VerbFilter::className(), 'actions' => ['indexWithQuote' => ['get']]];
     $behaviors['authenticator'] = ['class' => HttpBasicAuth::className()];
     return $behaviors;
 }
示例#5
0
 public function behaviors()
 {
     $self = self::className();
     $behaviors = parent::behaviors();
     $behaviors['access'] = ['class' => \app\components\filters\AccessControl::className(), 'rules' => $self::getAccessRules()];
     return $behaviors;
 }
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['authenticator'] = ['class' => HttpBearerAuth::className(), 'except' => ['options']];
     $behaviors['corsFilter'] = ['class' => Cors::className()];
     return $behaviors;
 }
示例#7
0
 /**
  * 行为扩展
  * @return array
  */
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     //        $behaviors['contentNegotiator']['formats']['text/html'] = Response::FORMAT_HTML;
     $behaviors['contentNegotiator']['formats'] = ['application/json' => Response::FORMAT_JSON];
     return $behaviors;
 }
示例#8
0
 /**
  * @inheritdoc
  */
 public function behaviors()
 {
     $behaviors = ArrayHelper::merge(parent::behaviors(), ['authenticator' => ['class' => CompositeAuth::className(), 'authMethods' => [['class' => HttpBearerAuth::className()], ['class' => QueryParamAuth::className(), 'tokenParam' => 'accessToken']]], 'exceptionFilter' => ['class' => ErrorToExceptionFilter::className()], 'corsFilter' => ['class' => \backend\rest\filters\Cors::className(), 'cors' => ['Origin' => ['*'], 'Access-Control-Request-Method' => ['POST', 'PUT', 'OPTIONS', 'PATCH', 'DELETE'], 'Access-Control-Request-Headers' => ['X-Pagination-Total-Count', 'X-Pagination-Page-Count', 'X-Pagination-Current-Page', 'X-Pagination-Per-Page', 'Content-Length', 'Content-type', 'Link'], 'Access-Control-Allow-Credentials' => true, 'Access-Control-Max-Age' => 3600, 'Access-Control-Expose-Headers' => ['X-Pagination-Total-Count', 'X-Pagination-Page-Count', 'X-Pagination-Current-Page', 'X-Pagination-Per-Page', 'Content-Length', 'Content-type', 'Link'], 'Access-Control-Allow-Headers' => ['X-Pagination-Total-Count', 'X-Pagination-Page-Count', 'X-Pagination-Current-Page', 'X-Pagination-Per-Page', 'Content-Length', 'Content-type', 'Link']]]]);
     if (isset(\Yii::$app->params['httpCacheActive']) and \Yii::$app->params['httpCacheActive']) {
         $params = \Yii::$app->getRequest()->getQueryParams();
         unset($params['accessToken']);
         $behaviors['httpCache'] = ['class' => HttpCache::className(), 'params' => $params, 'lastModified' => function ($action, $params) {
             $q = new \yii\db\Query();
             $class = $this->modelClass;
             if (in_array('updated_at', $class::getTableSchema()->getColumnNames())) {
                 return strtotime($q->from($class::tableName())->max('updated_at'));
             }
             if (in_array('modified', $class::getTableSchema()->getColumnNames())) {
                 return strtotime($q->from($class::tableName())->max('modified'));
             }
             return null;
         }, 'etagSeed' => function (Action $action, $params) {
             $iterator = new \RecursiveIteratorIterator(new \RecursiveArrayIterator($params));
             $keys = array();
             foreach ($iterator as $key => $value) {
                 // Build long key name based on parent keys
                 for ($i = $iterator->getDepth() - 1; $i >= 0; $i--) {
                     $key = $iterator->getSubIterator($i)->key() . '_' . $key;
                     if (!is_array($iterator->getSubIterator($i)->current())) {
                         $value = $iterator->getSubIterator($i)->current() . '_' . $value;
                     }
                 }
                 $keys[] = $key . '-' . $value;
             }
             $uniqueId = implode('-', $keys);
             return $uniqueId;
         }];
     }
     return $behaviors;
 }
示例#9
0
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['contentNegotiator']['formats']['text/html'] = Response::FORMAT_HTML;
     //        $behaviors['contentNegotiator']['languages'] = [ 'en', 'zh-CN',];
     return $behaviors;
 }
示例#10
0
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['authenticator']['class'] = QueryParamAuth::className();
     $behaviors['authenticator']['tokenParam'] = 'access_token';
     return $behaviors;
 }
示例#11
0
 /**
  * Some rules in this controller
  * @return Rules behaviors
  */
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['authenticator'] = ['class' => QueryParamAuth::className(), 'tokenParam' => 'token'];
     unset($behaviors['rateLimiter']);
     return $behaviors;
 }
示例#12
0
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['authenticator'] = ['class' => HttpBearerAuth::className()];
     $behaviors['contentNegotiator'] = ['class' => ContentNegotiator::className(), 'formats' => ['application/json' => Response::FORMAT_JSON]];
     return $behaviors;
 }
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['authenticator'] = ['class' => HttpBearerAuth::className()];
     $behaviors['access'] = ['class' => AccessControl::className(), 'only' => ['create', 'index', 'update', 'delete'], 'rules' => [['allow' => true, 'actions' => ['create', 'index', 'update', 'delete'], 'roles' => ['ADMIN']]]];
     return $behaviors;
 }
示例#14
0
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['authenticator'] = ['class' => CompositeAuth::className(), 'except' => ['login', 'error'], 'authMethods' => [HttpBearerAuth::className()]];
     unset($behaviors['rateLimiter']);
     return $behaviors;
 }
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     //$behaviors['contentNegotiator']['formats']['text/html'] = Response::FORMAT_JSON; //setting JSON as default reply
     $behaviors['authenticator'] = ['class' => CompositeAuth::className(), 'authMethods' => [HttpBasicAuth::className(), HttpBearerAuth::className(), QueryParamAuth::className()]];
     return $behaviors;
 }
示例#16
0
 /**
  * @inheritdoc
  */
 public function behaviors()
 {
     $event = new \yii\base\Event();
     $event->data = [];
     $this->module->trigger(self::EVENT_BEFORE_BEHAVIOR, $event);
     return ArrayHelper::merge(parent::behaviors(), $event->data, ['access' => ['class' => AccessControl::className(), 'rules' => [['allow' => true, 'actions' => ['options'], 'roles' => ['?']], ['allow' => true, 'actions' => ['create', 'view', 'current', 'extend'], 'roles' => ['@']]]]]);
 }
示例#17
0
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     // enabled HttpBearerAuth
     $behaviors['authenticator'] = ['class' => HttpBearerAuth::className()];
     return $behaviors;
 }
示例#18
0
 /**
  * @inheritdoc
  */
 public function behaviors()
 {
     // send Authorization : Basic base64(token:) in header
     $behaviors = parent::behaviors();
     $behaviors['authenticator'] = ['class' => HttpBasicAuth::className()];
     $behaviors['verbs'] = ['class' => VerbFilter::className(), 'actions' => ['index' => ['GET'], 'view' => ['GET'], 'create' => ['PUT'], 'update' => ['POST', 'PATCH'], 'delete' => ['DELETE']]];
     return $behaviors;
 }
示例#19
0
 /**
  * @inheritdoc
  */
 public function behaviors()
 {
     // bootstrap the ContentNegotiatot behavior earlier to use detected format for authenticator
     /** @var ContentNegotiator $contentNegotiator */
     $contentNegotiator = Yii::createObject(['class' => ContentNegotiator::className(), 'formats' => ['text/html' => Response::FORMAT_HTML, 'application/json' => Response::FORMAT_JSON, 'application/xml' => Response::FORMAT_XML, 'text/csv' => Response::FORMAT_CSV, 'application/pdf' => Response::FORMAT_PDF, 'application/vnd.ms-excel' => Response::FORMAT_XLS]]);
     $contentNegotiator->negotiate();
     return array_merge(parent::behaviors(), ['contentNegotiator' => $contentNegotiator, 'authenticator' => ['class' => \yii\filters\auth\CompositeAuth::className(), 'authMethods' => !Yii::$app->user->getIsGuest() || Yii::$app->response->format === Response::FORMAT_HTML ? [] : [\yii\filters\auth\HttpBasicAuth::className(), \yii\filters\auth\QueryParamAuth::className()]], 'rateLimiter' => ['class' => \yii\filters\RateLimiter::className(), 'user' => Yii::$app->user->getIdentity()], 'access' => ['class' => AccessControl::className(), 'rules' => [['allow' => true, 'roles' => ['@']]]], 'menu' => ['class' => ActiveNavigation::className()]]);
 }
示例#20
0
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     // $behaviors['authenticator'] = [
         // 'class' => HttpBasicAuth::className(),
     // ];
     return $behaviors;
 }
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     /*$behaviors['authenticator'] = [
           'class' => HttpBasicAuth::className(),
           'class' => HttpBearerAuth::className()
       ];*/
     return $behaviors;
 }
示例#22
0
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     if (array_key_exists('contentNegotiator', $behaviors) && $this->action instanceof Action) {
         // yii\mozayka\crud\Action
         unset($behaviors['contentNegotiator']);
     }
     return $behaviors;
 }
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['access'] = ['class' => AccessControl::className(), 'rules' => [['allow' => true, 'actions' => ['index', 'search'], 'roles' => ['?']], ['allow' => true, 'actions' => ['index', 'search', 'view', 'create', 'update', 'delete', 'options'], 'roles' => ['admin']]]];
     $behaviors['authenticator'] = ['class' => \yii\filters\auth\HttpBasicAuth::className(), 'auth' => function ($username, $password) {
         return \app\models\User::findByUsernameAndPassword($username, $password);
     }, 'except' => ['index', 'search']];
     return $behaviors;
 }
示例#24
0
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['authenticator'] = ['class' => HttpBasicAuth::className(), 'auth' => [$this, 'auth'], 'only' => ['create', 'update', 'delete']];
     $behaviors['contentNegotiator'] = ['class' => ContentNegotiator::className(), 'formats' => ['application/json' => Response::FORMAT_JSON, 'application/xml' => Response::FORMAT_XML]];
     $behaviors['access'] = ['class' => AccessControl::className(), 'ruleConfig' => ['class' => AccessRule::className()], 'only' => ['create', 'update', 'delete'], 'rules' => [['allow' => true, 'actions' => ['create', 'update'], 'roles' => [User::ROLE_ADMIN, User::ROLE_USER]], ['allow' => true, 'actions' => ['delete'], 'roles' => [User::ROLE_ADMIN]]]];
     $behaviors['verbs'] = ['class' => VerbFilter::className(), 'actions' => ['search-airport' => ['post', 'get']]];
     return $behaviors;
 }
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['authenticator'] = ['class' => HttpBasicAuth::className(), 'auth' => function ($username, $password) {
         // Return Identity object or null
         return User::findByUsernameAndPassword($username, $password);
     }];
     return $behaviors;
 }
示例#26
0
 /**
  * @return array
  */
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['authenticator'] = ['class' => CompositeAuth::className(), 'authMethods' => [['class' => HttpBasicAuth::className(), 'auth' => function ($username, $password) {
         $user = User::findByLogin($username);
         return $user->validatePassword($password) ? $user : null;
     }], HttpBearerAuth::className(), QueryParamAuth::className()]];
     return $behaviors;
 }
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['contentNegotiator']['formats']['text/html'] = Response::FORMAT_JSON;
     /*$behaviors['authenticator'] = [
           'class' => HttpBasicAuth::className(),
       ];*/
     return $behaviors;
 }
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     // SEE https://github.com/yiisoft/yii2/pull/8626
     //$behaviors['corsFilter'] = [
     $behaviors[0] = ['class' => \yii\filters\Cors::className(), 'cors' => ['Origin' => ['*'], 'Access-Control-Request-Method' => ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'HEAD', 'OPTIONS'], 'Access-Control-Request-Headers' => ['*'], 'Access-Control-Allow-Credentials' => true, 'Access-Control-Expose-Headers' => ['Link', 'X-Pagination-Current-Page', 'X-Pagination-Page-Count', 'X-Pagination-Per-Page', 'X-Pagination-Total-Count']]];
     //$behaviors['authenticator'] = [
     $behaviors[1] = ['class' => \yii\filters\auth\HttpBearerAuth::className(), 'except' => ['options']];
     return $behaviors;
 }
示例#29
-1
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['authenticator'] = array('class' => HttpBasicAuth::className());
     $behaviors['bootstrap'] = array('class' => ContentNegotiator::className(), 'formats' => array('application/json' => Response::FORMAT_JSON));
     return $behaviors;
 }
示例#30
-2
 /**
  * @inheritdoc
  */
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['authenticator'] = ['class' => HttpBearerAuth::className(), 'only' => ['dashboard']];
     $behaviors['access'] = ['class' => AccessControl::className(), 'only' => ['dashboard'], 'rules' => [['actions' => ['dashboard'], 'allow' => true, 'roles' => ['@']]]];
     return $behaviors;
 }