I’m using Yii 2 as the backend (server side) framework for a website which works with an external (“custom”) API in order to grab the content.
Now I’m implementing the user authentication and the users are handled from the API too so to authenticate I’m making a call to the API to obtain the access token and the refresh token (they’re using oAuth 2 with bearer).
If the user credentials are correct I get the tokens and the user information and I was thinking of storing them using the User model which implements IdentityInterface.
However I’m not sure if this is the best approach and I have a few doubts:
since I don’t have a list of users, how should I implement methods like findIdentity and findIdentityByAccessToken?
in this situation, do I need the user to have its authKey ?