Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
Artem Prokhorov2021-06-10 14:23:54
Yii
Artem Prokhorov, 2021-06-10 14:23:54

How to auto login a user with BasicAuth enabled?

I need that after the user is correctly authorized, he remains logged in not only until the browser is closed, but also after. In other words, so that after the browser is closed (but after a small amount of time has passed), when you log in again, the alert does not pop up with inputs for the login and password.

Authentication code in behaviors:

'authenticator' => [
                'class' => \yii\filters\auth\HttpBasicAuth::class,
                'auth' => function ($username, $password) {
                    $user = User::find()->where(['username' => $username])->one();
                    if ($user && Yii::$app->getSecurity()->validatePassword($password, $user->password_hash)) {
                        if ($user->verification_token) {
                            return $user;
                        } else {
                            $token = Yii::$app->getSecurity()->generateRandomString();
                            $user->verification_token = $token;
                            $user->save();
                            $this->serializer['token'] = $token;
                            return $user;
                        }
                    } else {
                        return null;
                    }
                },
            ],


The User model in the common package did not change at all (only implements IdentityInterface was registered).

This is my line in main.php backing up for the user component:

'user' => [
            'identityClass' => 'common\models\User',
            'enableAutoLogin' => true,
            'enableSession' => false,
            'identityCookie' => ['name' => '_identity-backend', 'httpOnly' => true],
        ],


This is my fetch in js with the login and password already sent, but for some reason authentication understands them only after entering the information in the alert inputs. That is, they first need to be entered, and only then this fetch will receive json without an alert (before closing the browser, after closing on a new one, everything is the same):

let username = 'admin';
        let password = '!QAZ2wsx';
        let headers = new Headers();
        headers.set('Authorization', 'Basic ' + btoa(username + ":" + password));
        fetch('http://back.ru/menu?tree=1', {
            credentials: "include",
            headers:  {
                headers
            },
        })
            .then(response => response.json()).then(data => { context.commit('SET_LIST', data) });

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
A
Artem Prokhorov, 2021-06-14
@kotcich

As a result, I found out that the server does not see the headers if they were sent through the new Headers() object
, and when I added the headers manually, like this:
headers: {
'Authorization': 'Basic ' + btoa(username + ":" + password);
},
then the server has already begun to see the sent data.

Similar questions
M
m1zysh0w2017-07-16 14:10:56
How to change the module icon to your own? 3Reply
M
Maxim Timofeev2017-04-10 10:53:00
Why did the redirect suddenly become circular? 1Reply
I
Ivanoff-i2017-04-10 15:48:59
Is it possible in yii2 to pull data from the database into it again during the operation of the ActiveRecord model? 2Reply
D
des1roer2015-04-14 06:55:27
Yii pass-through authorization by username? 0Reply
D
Dmitry Baibukhtin2015-04-14 16:53:35
How to replace the class in the name of the input field with your own text? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question