I follow this tut http://www.yiiframework.com/wiki/175/how-to-create-a-rest-api/#hh14
and I have a method for authentication is
private function _checkAuth() {
// Check if we have the USERNAME and PASSWORD HTTP headers set?
if (!(isset($_SERVER['HTTP_X_' . self::APPLICATION_ID . '_USERNAME']) and isset($_SERVER['HTTP_X_' . self::APPLICATION_ID . '_PASSWORD']))) {
// Error: Unauthorized
$this->_sendResponse(401);
}
$username = $_SERVER['HTTP_X_' . self::APPLICATION_ID . '_USERNAME'];
$password = $_SERVER['HTTP_X_' . self::APPLICATION_ID . '_PASSWORD'];
// Find the user
$user = User::model()->find('LOWER(username)=?', array(strtolower($username)));
if ($user === null) {
// Error: Unauthorized
$this->_sendResponse(401, 'Error: User Name is invalid');
} else if (!$user->validatePassword($password)) {
// Error: Unauthorized
$this->_sendResponse(401, 'Error: User Password is invalid');
}
}
How I can test this method by RESTClient addon
with header info
-
name: ?
-
value: ?
-
body: ?