Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
Artem Prokhorov2021-06-10 14:23:54
Yii
Artem Prokhorov, 2021-06-10 14:23:54

How to auto login a user with BasicAuth enabled?

I need that after the user is correctly authorized, he remains logged in not only until the browser is closed, but also after. In other words, so that after the browser is closed (but after a small amount of time has passed), when you log in again, the alert does not pop up with inputs for the login and password.

Authentication code in behaviors:

'authenticator' => [
                'class' => \yii\filters\auth\HttpBasicAuth::class,
                'auth' => function ($username, $password) {
                    $user = User::find()->where(['username' => $username])->one();
                    if ($user && Yii::$app->getSecurity()->validatePassword($password, $user->password_hash)) {
                        if ($user->verification_token) {
                            return $user;
                        } else {
                            $token = Yii::$app->getSecurity()->generateRandomString();
                            $user->verification_token = $token;
                            $user->save();
                            $this->serializer['token'] = $token;
                            return $user;
                        }
                    } else {
                        return null;
                    }
                },
            ],


The User model in the common package did not change at all (only implements IdentityInterface was registered).

This is my line in main.php backing up for the user component:

'user' => [
            'identityClass' => 'common\models\User',
            'enableAutoLogin' => true,
            'enableSession' => false,
            'identityCookie' => ['name' => '_identity-backend', 'httpOnly' => true],
        ],


This is my fetch in js with the login and password already sent, but for some reason authentication understands them only after entering the information in the alert inputs. That is, they first need to be entered, and only then this fetch will receive json without an alert (before closing the browser, after closing on a new one, everything is the same):

let username = 'admin';
        let password = '!QAZ2wsx';
        let headers = new Headers();
        headers.set('Authorization', 'Basic ' + btoa(username + ":" + password));
        fetch('http://back.ru/menu?tree=1', {
            credentials: "include",
            headers:  {
                headers
            },
        })
            .then(response => response.json()).then(data => { context.commit('SET_LIST', data) });

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
A
Artem Prokhorov, 2021-06-14
@kotcich

As a result, I found out that the server does not see the headers if they were sent through the new Headers() object
, and when I added the headers manually, like this:
headers: {
'Authorization': 'Basic ' + btoa(username + ":" + password);
},
then the server has already begun to see the sent data.

Similar questions
Y
Yura Mailler2021-04-01 17:40:00
How to hide buttons in a VK bot and enable others? 3Reply
R
robotcigan2015-05-27 20:19:49
Why doesn't IntelliJ IDEA 14 update css and js files? 1Reply
L
LightSid2016-11-11 16:04:35
How to attach two handlers in ActiveForm? 1Reply
G
Greg Popov2016-11-12 15:48:11
Where can I find a normal crop for Yii2 photos? 2Reply
J
JohnSky72019-04-10 13:45:45
How to install vendor and vagrant? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question