gpt4 book ai didi

php - 带有不记名身份验证的 Yii2 rest api

转载 作者:行者123 更新时间:2023-12-02 03:58:52 26 4
gpt4 key购买 nike

我创建了 api 结构/配置并且它可以工作,但现在我需要使用承载身份验证来设置它,并且我发送到 api 的每个 GET 请求(使用身份验证承载 XXXXXXXXXXXX)都会给我一个 401 错误:

{"name":"Unauthorized","message":"Your request was made with invalid credentials.","code":0,"status":401,"type":"yii\\web\\UnauthorizedHttpException"}

对于这个问题的所有片段的长度感到抱歉,但我尝试了一些更改,阅读了我在这里找到的所有内容但没有成功,我开始对此失去控制。我可能缺少什么?

我的应用程序使用具有下一个文件夹结构的高级模板(与我阅读的所有指南中的相同):

> -api
> --config
> --main.php
> --params.php
> --modules
> --v1
> --controllers
> --OrdersController.php
> --models
> --Orders.php
> --Module.php
> --web
> --index.php
> -backend
> -common
> -frontend...

api/config/main.php

<?php

$params = array_merge(
require(__DIR__ . '/../../common/config/params.php'),
require(__DIR__ . '/../../common/config/params-local.php'),
require(__DIR__ . '/params.php')
//require(__DIR__ . '/params-local.php')
);

return [
'id' => 'app-api',
'basePath' => dirname(__DIR__),
'bootstrap' => ['log'],
'modules' => [
'v1' => [
'basePath' => '@app/modules/v1',
'class' => 'api\modules\v1\Module'
]
],
'components' => [
'user' => [
'identityClass' => 'common\models\User',
'enableAutoLogin' => false,
'enableSession' => false,
'loginUrl' =>'',
],
'log' => [
'traceLevel' => YII_DEBUG ? 3 : 0,
'targets' => [
[
'class' => 'yii\log\FileTarget',
'levels' => ['error', 'warning'],
],
],
],
'urlManager' => [
'enablePrettyUrl' => true,
'enableStrictParsing' => true,
'showScriptName' => false,
'rules' => [
[
'class' => 'yii\rest\UrlRule',
'controller' => 'v1/countries',
'tokens' => [
'{id}' => '<id:\\w+>'
]

],
[
'class' => 'yii\rest\UrlRule',
'controller' => 'v1/orders',
'tokens' => [
'{id}' => '<id:\\w+>'
]

]
],
]
],
'params' => $params,
];

api/config/params.php

<?php
return [
'adminEmail' => 'admin@domain.com',
];

api/modules/v1/Module.php

<?php
namespace api\modules\v1;

class Module extends \yii\base\Module
{
public $controllerNamespace = 'api\modules\v1\controllers';

public function init()
{
parent::init();
\Yii::$app->user->enableSession = false;
}
}

api/modules/v1/controllers/OrdersController.php

<?php

namespace api\modules\v1\controllers;

use yii\rest\ActiveController;
use yii\web\Response;
use yii\filters\auth\CompositeAuth;
use yii\filters\auth\HttpBasicAuth;
use yii\filters\auth\HttpBearerAuth;
use yii\filters\auth\QueryParamAuth;

class OrdersController extends ActiveController
{
public $modelClass = 'api\modules\v1\models\Orders';

public function actions() // Just read only rest api
{
$actions = parent::actions();
unset($actions['delete'], $actions['create'], $actions['update']);
return $actions;
}

public function behaviors() {

$behaviors = parent::behaviors();

$behaviors['contentNegotiator']['formats']['text/html'] = Response::FORMAT_JSON;
$behaviors['authenticator'] = [
//'class' => HttpBasicAuth::className(),
'class' => HttpBearerAuth::className(),
//'class' => QueryParamAuth::className(),
];
return $behaviors;
}
}

通用/模型/User.php

<?php
namespace common\models;

use Yii;
use yii\base\NotSupportedException;
use yii\behaviors\TimestampBehavior;
use yii\db\ActiveRecord;
use yii\web\IdentityInterface;

/**
* User model
*
* @property integer $id
* @property string $username
* @property string $password_hash
* @property string $password_reset_token
* @property string $email
* @property string $auth_key
* @property integer $status
* @property integer $created_at
* @property integer $updated_at
* @property string $password write-only password
*/
class User extends ActiveRecord implements IdentityInterface
{
const STATUS_DELETED = 0;
const STATUS_ACTIVE = 10;


/**
* @inheritdoc
*/
public static function tableName()
{
return '{{%user}}';
}

/**
* @inheritdoc
*/
public function behaviors()
{
return [
TimestampBehavior::className(),
];
}

/**
* @inheritdoc
*/
public function rules()
{
return [
['status', 'default', 'value' => self::STATUS_ACTIVE],
['status', 'in', 'range' => [self::STATUS_ACTIVE, self::STATUS_DELETED]],
];
}

/**
* @inheritdoc
*/
public static function findIdentity($id)
{
return static::findOne(['id' => $id, 'status' => self::STATUS_ACTIVE]);
}

/**
* @inheritdoc
*/
public static function findIdentityByAccessToken($token, $type = null)
{
//throw new NotSupportedException('"findIdentityByAccessToken" is not implemented.');
return static::findOne(['auth_key' => $token]);
}

/**
* Finds user by username
*
* @param string $username
* @return static|null
*/
public static function findByUsername($username)
{
return static::findOne(['username' => $username, 'status' => self::STATUS_ACTIVE]);
}

/**
* Finds user by password reset token
*
* @param string $token password reset token
* @return static|null
*/
public static function findByPasswordResetToken($token)
{
if (!static::isPasswordResetTokenValid($token)) {
return null;
}

return static::findOne([
'password_reset_token' => $token,
'status' => self::STATUS_ACTIVE,
]);
}

/**
* Finds out if password reset token is valid
*
* @param string $token password reset token
* @return boolean
*/
public static function isPasswordResetTokenValid($token)
{
if (empty($token)) {
return false;
}

$timestamp = (int) substr($token, strrpos($token, '_') + 1);
$expire = Yii::$app->params['user.passwordResetTokenExpire'];
return $timestamp + $expire >= time();
}

/**
* @inheritdoc
*/
public function getId()
{
return $this->getPrimaryKey();
}

/**
* @inheritdoc
*/
public function getAuthKey()
{
return $this->auth_key;
}

/**
* @inheritdoc
*/
public function validateAuthKey($authKey)
{
return $this->getAuthKey() === $authKey;
}

/**
* Validates password
*
* @param string $password password to validate
* @return boolean if password provided is valid for current user
*/
public function validatePassword($password)
{
return Yii::$app->security->validatePassword($password, $this->password_hash);
}

/**
* Generates password hash from password and sets it to the model
*
* @param string $password
*/
public function setPassword($password)
{
$this->password_hash = Yii::$app->security->generatePasswordHash($password);
}

/**
* Generates "remember me" authentication key
*/
public function generateAuthKey()
{
$this->auth_key = Yii::$app->security->generateRandomString();
}

/**
* Generates new password reset token
*/
public function generatePasswordResetToken()
{
$this->password_reset_token = Yii::$app->security->generateRandomString() . '_' . time();
}

/**
* Removes password reset token
*/
public function removePasswordResetToken()
{
$this->password_reset_token = null;
}
}

提前谢谢你,

最佳答案

检查后this question我能够找到发生了什么。刚刚添加

SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

到 api/web/.htaccess 就可以了

这是最好的方法吗?

关于php - 带有不记名身份验证的 Yii2 rest api,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/42760295/

26 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com