如何解决Yii2 Restful API 无效凭证
我正在尝试在 Yii2 上创建我的第一个 API。但似乎无法通过身份验证过程。我正在尝试使用 access_token 身份验证。
这是我的结构
[api]
- [config]
- - bootstrap.php
- - main-local.php
- - main.php
- - params-local.php
- - params.php
- [modules]
- - [v1]
- - - [components]
- - - -ApiController.php - (extends \yii\rest\ActiveController)
- - - [controllers]
- - - - UserController.php - (extends ApiController)
- - - [models]
- - - - User.php - (sets tableName,primaryKey,rules)
- - - Module.php
在我的 api/config/main.php 中有这个
<?php
$params = array_merge(
require(__DIR__ . '/../../common/config/params.php'),require(__DIR__ . '/../../common/config/params-local.php'),require(__DIR__ . '/params.php'),require(__DIR__ . '/params-local.php')
);
return [
'id' => 'app-api'
'name' => 'My Yii2 API','basePath' => dirname(__DIR__),'controllerNamespace' => 'api\controllers','bootstrap' => ['log'],'modules' => [
'v1' => [
'basePath' => '@app/modules/v1','class' => 'api\modules\v1\Module'
]
],'components' => [
'user' => [
'identityClass' => 'common\models\User','enableSession' => false,'loginUrl' => null,'enableAutoLogin' => false,],'request' => [
'class' => '\yii\web\Request','enableCookieValidation' => false,'parsers' => [
'application/json' => 'yii\web\JsonParser',]
],'log' => [
'traceLevel' => YII_DEBUG ? 3 : 0,'targets' => [
[
'class' => 'yii\log\FileTarget','levels' => ['error','warning'],'urlManager' => [
'enablePrettyUrl' => true,'enableStrictParsing' => true,'showScriptName' => false,'rules' => [
[
'class' => 'yii\rest\UrlRule','controller' => 'v1/user',]
],'params' => $params,];
在我的 api/modules/v1/components/ApiController.php 中有这个
<?php
namespace api\modules\v1\components;
use yii\filters\auth\QueryParamAuth;
use yii\filters\Cors;
/**
* API Base Controller
* All controllers within API app must extend this controller!
*/
class ApiController extends \yii\rest\ActiveController
{
public function behaviors()
{
$behaviors = parent::behaviors();
// add CORS filter
$behaviors['corsFilter'] = [
'class' => Cors::className(),];
// add QueryParamAuth for authentication
$behaviors['authenticator'] = [
'class' => QueryParamAuth::className(),];
// avoid authentication on CORS-pre-flight requests (HTTP OPTIONS method)
$behaviors['authenticator']['except'] = ['options'];
return $behaviors;
}
}
在我的 api/modules/v1/controllers/UserController.php 中有这个
<?php
namespace api\modules\v1\controllers;
/**
* User Controller
*/
class UserController extends \api\modules\v1\components\ApiController
{
public $modelClass = 'api\modules\v1\models\User';
}
在我的 api/modules/v1/models/User.php 中有这个
<?php
namespace api\modules\v1\models;
use \yii\db\ActiveRecord;
/**
* User Model
*/
class User extends ActiveRecord
{
/**
* @inheritdoc
*/
public static function tableName()
{
return 'user';
}
/**
* @inheritdoc
*/
public static function primaryKey()
{
return ['id'];
}
/**
* Define rules for validation
*/
public function rules()
{
return [
[['username','email','password_hash'],'required']
];
}
}
在我的 api/modules/v1/Module.php 中有这个
<?php
namespace api\modules\v1;
class Module extends \yii\base\Module
{
public $controllerNamespace = 'api\modules\v1\controllers';
public function init()
{
parent::init();
}
}
最后,我修改了 /common/models/User.php 来处理 access_token
/**
* Finds an identity by the given token.
*
* @param string $token the token to be looked for
* @return IdentityInterface|null the identity object that matches the given token.
*/
public static function findIdentityByAccessToken($token,$type = null)
{
return static::findOne(['access_token' => $token,'status' => self::STATUS_ACTIVE]);
}
我已将 access_token 添加到我的用户表中,并且
在我的邮递员那里,我得到 https://mydomain/v1/users?access_token=4p9mj82PTl1BWSya7bfpU_Nm8u07hkcB
但我收到此错误
{
"success": false,"data": {
"name": "Unauthorized","message": "Your request was made with invalid credentials.","code": 0,"status": 401
}
}
知道我在这里遗漏了什么吗?谢谢
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。