我有基于令牌的授权,为此我做了以下更改。
在用户模型中,如下重写findIdentityByaccessToken()
方法。
public static function findIdentityByaccessToken($token,$type = null)
{
$userlogin = Userdevices::find()->where(['access_token' => $token])->one();
if ($userlogin == array()) {
return null;
} else {
$User = Users::findOne(['id' => $userlogin->user_id]);
if (!count($User))
{
return null;
}
else {
$dbUser = [
'id' => $User->id,];
return new static($dbUser);
}
}
}
在Controller中,我如下添加behaviors()
。
public function behaviors()
{
$behaviors[] = [
'class' => \yii\filters\ContentNegotiator::classname(),'formats' => [
'application/json' => \yii\web\Response::FORMAT_JSON,],];
$behaviors['authenticator'] = [
'class' => HttpBearerauth::classname(),];
return $behaviors;
}
当API无法获取令牌或令牌无效时,会给出以下响应
{
"name": "Unauthorized","message": "You are requesting with an invalid credential.","code": 0,"status": 401,"type": "yii\\web\\UnauthorizedHttpException"
}
我要按照以下要求更改响应。
{
"code": 401,"name": "Unauthorized","is_logout": "Y","status": "error","message": "logout"
}