How to setup cross domain request in Yii2?

E

enchikiben2015-12-06 21:24:49

Yii

enchikiben, 2015-12-06 21:24:49

Good afternoon!
The essence of the problem of such api on yii2 lies on the api.site.lc domain, and requests come from admin.sitel.lc.
yii controller config:

class UserController extends ActiveController
{
  public $modelClass = 'common\models\User';

  public function behaviors()
  {
    $behaviors = parent::behaviors();
    $behaviors['authenticator'] = [
      'class' => HttpBearerAuth::className()
    ];
    $behaviors['corsFilter'] = [
      'class' => Cors::className()
    ];
    return $behaviors;
  }

  public function actionTest()
  {
    echo 111;
  }
}

From Angular, I send a /user/test request, and as far as I understand CORS, the "OPTIONS" request (without Bearer) is sent first, like you can find out if you can not contact. But yii beats me off on this request as non-authorized, since there is no Bearer, Bearer must be specified in the get itself of the request body.
How to be?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

M

matperez, 2015-12-07
@matperez

Pass the token via header stackoverflow.com/questions/14183025/setting-appli... . BearerAuth gets the token from the header .
Or, as an option, you can configure the return of CORS headers at the web server level so that they do not go to Yii at all enable-cors.org/server.html .

V

vyachin, 2015-12-07
@vyachin

Add to controller

public function behaviors()
{
    return [
        'corsFilter' => [
            'class' => \yii\filters\Cors::className(),
            'Origin' => ['http://admin.sitel.lc],
        ],
    ];
}

details here www.yiiframework.com/doc-2.0/yii-filters-cors.html