Is it possible to use $behaviors['access'] and $behaviors['authenticator'] together?

V

Vladimir Vasiliev2015-03-06 18:47:05

Yii

Vladimir Vasiliev, 2015-03-06 18:47:05

Can I use these 2 behaviors in conjunction for a controller inherited from ActiveController?
If so, how?
Here is an example code:

public function behaviors() {
        $behaviors = parent::behaviors();

        $behaviors['authenticator'] = [
            'class' => TokenAuth::className()
        ];

        $behaviors['access'] = array(
            'class' => \yii\filters\AccessControl::className(),
            'only' => ['login', 'registration', 'logout'],
            'rules' => array(
                [
                    'allow' => true,
                    'actions' => ['login', 'registration'],
                    'roles' => ['?'],
                    'verbs' => ['post']
                ],
                [
                    'allow' => true,
                    'actions' => ['logout'],
                    'roles' => ['@'],
                ],
            )
        );

        return $behaviors;
    }

In this example, behavior['authenticator'] always fires! Although I would like it to work taking into account $behaviors['access'].
For example: By default, all methods are disabled. For unauthorized users, the login and registration methods are available. For authorized users, the logout method is available.
PS
Do not look at 'class' => TokenAuth::className()it is almost identicalQueryParamAuth::className()

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

M

max_obninsk, 2015-10-27
@max_obninsk

For the authenticator filter , you can specify actions to which the filter should not be applied:

$behaviors['authenticator'] = [
            'class' => TokenAuth::className(),
            'except' => ['login', 'registration']
        ];

www.yiiframework.com/doc-2.0/guide-structure-filte...