REST API access_token

Is there any method for creating access_token for rest api in yii2 user identity?

1 Like

There is nothing built-in to the template, but you can use Yii::$app->security->generateRandomString() yourself and save it into the user model.

Remember that this access token should only last a certain time after which it should be invalid but how you know that is not really described anywhere, I would suggest you add an expires column to the user model, set both and when you check the access token, if the date has expired, delete the token and return a login challenge to the API call.

I might write a blog post on this one day but you might find something useful on the REST guide: http://www.yiiframework.com/doc-2.0/guide-rest-authentication.html

1 Like