Inheritance | yii\filters\auth\HttpBearerAuth » yii\filters\auth\AuthMethod » yii\base\ActionFilter » yii\base\Behavior » yii\base\Object |
---|---|
Implements | yii\base\Configurable, yii\filters\auth\AuthInterface |
Available since version | 2.0 |
Source Code | https://github.com/yiisoft/yii2/blob/master/framework/filters/auth/HttpBearerAuth.php |
HttpBearerAuth is an action filter that supports the authentication method based on HTTP Bearer token.
You may use HttpBearerAuth by attaching it as a behavior to a controller or module, like the following:
public function behaviors() { return [ 'bearerAuth' => [ 'class' => \yii\filters\auth\HttpBearerAuth::className(), ], ]; }
Property | Type | Description | Defined By |
---|---|---|---|
$except | array | List of action IDs that this filter should not apply to. | yii\base\ActionFilter |
$only | array | List of action IDs that this filter should apply to. | yii\base\ActionFilter |
$optional | array | List of action IDs that this filter will be applied to, but auth failure will not lead to error. | yii\filters\auth\AuthMethod |
$owner | yii\base\Component|null | The owner of this behavior | yii\base\Behavior |
$realm | string | The HTTP authentication realm | yii\filters\auth\HttpBearerAuth |
$request | yii\web\Request | The current request. | yii\filters\auth\AuthMethod |
$response | yii\web\Response | The response to be sent. | yii\filters\auth\AuthMethod |
$user | yii\web\User | The user object representing the user authentication status. | yii\filters\auth\AuthMethod |
Method | Description | Defined By |
---|---|---|
__call() | Calls the named method which is not a class method. | yii\base\Object |
__construct() | Constructor. | yii\base\Object |
__get() | Returns the value of an object property. | yii\base\Object |
__isset() | Checks if a property is set, i.e. defined and not null. | yii\base\Object |
__set() | Sets value of an object property. | yii\base\Object |
__unset() | Sets an object property to null. | yii\base\Object |
afterAction() | This method is invoked right after an action is executed. | yii\base\ActionFilter |
afterFilter() | yii\base\ActionFilter | |
attach() | Attaches the behavior object to the component. | yii\base\Behavior |
authenticate() | Authenticates the current user. | yii\filters\auth\HttpBearerAuth |
beforeAction() | This method is invoked right before an action is to be executed (after all possible filters.) You may override this method to do last-minute preparation for the action. | yii\filters\auth\AuthMethod |
beforeFilter() | yii\base\ActionFilter | |
canGetProperty() | Returns a value indicating whether a property can be read. | yii\base\Object |
canSetProperty() | Returns a value indicating whether a property can be set. | yii\base\Object |
challenge() | Generates challenges upon authentication failure. | yii\filters\auth\HttpBearerAuth |
className() | Returns the fully qualified name of this class. | yii\base\Object |
detach() | Detaches the behavior object from the component. | yii\base\Behavior |
events() | Declares event handlers for the $owner's events. | yii\base\Behavior |
handleFailure() | Handles authentication failure. | yii\filters\auth\AuthMethod |
hasMethod() | Returns a value indicating whether a method is defined. | yii\base\Object |
hasProperty() | Returns a value indicating whether a property is defined. | yii\base\Object |
init() | Initializes the object. | yii\base\Object |
Method | Description | Defined By |
---|---|---|
getActionId() | Returns an action ID by converting yii\base\Action::$uniqueId into an ID relative to the module | yii\base\ActionFilter |
isActive() | Returns a value indicating whether the filter is active for the given action. | yii\base\ActionFilter |
isOptional() | Checks, whether authentication is optional for the given action. | yii\filters\auth\AuthMethod |
The HTTP authentication realm
public string $realm = 'api'
Authenticates the current user.
public yii\web\IdentityInterface authenticate ( $user, $request, $response ) | ||
---|---|---|
$user | yii\web\User | |
$request | yii\web\Request | |
$response | yii\web\Response | |
return | yii\web\IdentityInterface |
The authenticated user identity. If authentication information is not provided, null will be returned. |
throws | yii\web\UnauthorizedHttpException |
if authentication information is provided but is invalid. |
Generates challenges upon authentication failure.
For example, some appropriate HTTP headers may be generated.
public void challenge ( $response ) | ||
---|---|---|
$response | yii\web\Response |
© 2008–2017 by Yii Software LLC
Licensed under the three clause BSD license.
http://www.yiiframework.com/doc-2.0/yii-filters-auth-httpbearerauth.html