REST API Autenthication with QueryParamAuth


(Alvinthedeveloper) #1

Hi all,

I want to my Android application to receive data using REST API.

Currently,I can call the REST API just fine when I am logged in on my web browser but once I am logged off,a blank json array is returned.

How do I authenticate the user with a token in the URL using QueryParamAuth so that I can receive data from any device.


(Andrzej Bernat) #2

Try the below:




class ApiController extends Controller

{    

    public function beforeAction($action) {

        // Do it here if you want auth a user for each action

    }


    public function actionAuth($token)

    {

        $user = User::find()->where('token = :token', [':token'=> $token])->one();

        if (!$user) {throw new Exception('403')}

    }

}




(Andrzej Bernat) #3

Sorry, not enaugh green tea… I didn’t notice that you want to use QueryParamAuth. Take a look at this https://github.com/samdark/yii2-cookbook/issues/165