How to configure REST HTTP Basic Auth using dektrium-yii2-user module

Customizable way to send a HTTP Basic Auth token access

I use the modules

I send the header for the Authorization: Basic base64_encode (username: password)

Search by name goes well, and of course the basis of stored password hash. How to be with him?

Here is my controller code:


namespace app\modules\api\controllers;

use app\modules\insurance\models\Insurance;

use yii\base\Security;

use yii\rest\Controller;

use Yii;

use yii\filters\auth\HttpBasicAuth;

use dektrium\user\helpers\Password;

class InsuranceController extends Controller


    public $modelClass = 'app\modules\insurance\models\Insurance';

    public function behaviors()


        $behaviors = parent::behaviors();

        $behaviors['authenticator'] = [

            'class' => HttpBasicAuth::className(),

            'auth' => [$this, 'auth']


        return $behaviors;


    public function auth($username, $password)


        return \app\models\User::findOne(


                'username' => $username,

                'password_hash' => What to write here <img src='' class='bbc_emoticon' alt='???' />?<img src='' class='bbc_emoticon' alt='???' />?<img src='' class='bbc_emoticon' alt='???' />??





better to use it this way:

public function auth($username, $password)


        $user = \app\models\User::findByUsername($username);

        if(!$username or !$password or !$user)

            //return false;


            throw new UserException( "There is an error!" );

        if ($user->validatePassword($psw)) 

            return $user;


            //return false;


            throw new UserException( "Wrong username or password!" );