I don´t understand why a simple rest api can be a lot of problem and lost of time, ohh my Goodm there is someone can helpme ?
0- We have using the advanced mode Yii
1- We have a system im Yii2, it is use autentication and autorization, but now, i need to create a rest api for a cliente android. I need disable the autentication and autorization for all methods this api, because i just need to get the username and name of the user to put it in alog table.
2- The is my problema, i can´t be able to disable the login and the autentication fo do it, when i am not loged in this sistemy. When a do the logout, get a forbidem 403 and whem call the url on android i get the html of the login Yii.
3- I tryed a lot of tecniques to do it, but no sucsess, below, the is my files.
My controller:
class TokenController extends \yii\rest\ActiveController
{
public $modelClass = Token::class;
}
API module definition:
class ApiExpedicao extends \yii\base\Module
{
/**
* {@inheritdoc}
*/
public $controllerNamespace = ‘app\modules\api\controllers’;
/**
* {@inheritdoc}
*/
public function init()
{
parent::init();
\Yii::$app->user->enableSession = false;
// custom initialization code goes here
}
}
My Module:
class Module extends \yii\base\Module
{
public $controllerNamespace = ‘app\modules\v1\controllers’;
public function init()
{
parent::init();
\Yii::$app->user->enableSession = false;
}
}
My Main.php config in backend
‘user’ => [
//‘enableSession’ => false,//resolvido a diferenca no mofule
‘loginUrl’ => null,//parece nao afetar a aplocacao
‘identityClass’ => ‘common\models\User’,
‘enableAutoLogin’ => true,
‘identityCookie’ => [‘name’ => ‘_identity-backend’, ‘httpOnly’ => true],
],
My Main.php in common config
‘authManager’ => [
‘class’ => ‘yii\rbac\DbManager’,
],
‘urlManager’ => [
‘enablePrettyUrl’ => true,
‘enableStrictParsing’ => false,//no equals
‘showScriptName’ => true,//no equals
‘rules’ => [
['class' => 'yii\rest\UrlRule','pluralize' => false, 'controller' => ['v1/api'], 'except' => ['delete', 'create', 'update']],
['class' => 'yii\rest\UrlRule','pluralize' => false, 'controller' => ['v1/token']],
],
],
'modules' => [
'v1' => [
'basePath' => '@app/modules/v1',
'class' => 'app\modules\v1\Module',
],
],
];
My Entity from database to test
class Token extends ActiveRecord
{
public static function collectionName()
{
return 'token';
}
public function attributes()
{
return ['id', 'value'];
}
public function behaviors()
{
return [
TimestampBehavior::className(), // Auto timestamp created and updated properties
];
}
public function rules()
{
return [
[['value'], 'string'],
];
}
public function fields()
{
return [
'id',
'value',
];
}
}
the log tha i receved when i am not loged
2019-10-01 10:18:04 [192.168.5.78][-][8k12d17bjm3kbfpeit8jnm3e16][error][yii\web\HttpException:403] exception ‘yii\web\ForbiddenHttpException’ with message ‘Login Required’ in /var/www/html/azulejo_yii_dev/vendor/yiisoft/yii2/web/User.php:454
The url caled on the browser when i am loged:
http://host/index.php/v1/token
The response of the request:
<?xml version="1.0" encoding="ISO-8859-1"?> 1 teste 1 2 teste 2The response when I am not loget in the sistem or called by postman
Forbidden (#403)
Login Required
the log: 2019-10-01 10:18:04 [ip][-][8k12d17bjm3kbfpeit8jnm3e16][error][yii\web\HttpException:403] exception ‘yii\web\ForbiddenHttpException’ with message ‘Login Required’ in /var/www/html/azulejo_yii_dev/vendor/yiisoft/yii2/web/User.php:454