diff --git a/api/controllers/AuthenticationController.php b/api/controllers/AuthenticationController.php
index f5f992a..f6f5240 100644
--- a/api/controllers/AuthenticationController.php
+++ b/api/controllers/AuthenticationController.php
@@ -4,11 +4,15 @@ namespace api\controllers;
 use api\models\LoginForm;
 use Yii;
 use yii\filters\AccessControl;
+use yii\helpers\ArrayHelper;
 class AuthenticationController extends Controller {
 public function behaviors() {
- return array_merge(parent::behaviors(), [
+ return ArrayHelper::merge(parent::behaviors(), [
+ 'authenticator' => [
+ 'except' => ['login'],
+ ],
 'access' => [
 'class' => AccessControl::class,
 'rules' => [
diff --git a/api/controllers/Controller.php b/api/controllers/Controller.php
index 1932f13..b5d716a 100644
--- a/api/controllers/Controller.php
+++ b/api/controllers/Controller.php
@@ -3,6 +3,7 @@ namespace api\controllers;
 use api\traits\ApiNormalize;
 use Yii;
+use yii\filters\auth\HttpBearerAuth;
 /**
 * @property \common\models\Account|null $account
@@ -12,8 +13,15 @@ class Controller extends \yii\rest\Controller {
 public function behaviors() {
 $parentBehaviors = parent::behaviors();
+ // Добавляем авторизатор для входа по jwt токенам
+ $parentBehaviors['authenticator'] = [
+ 'class' => HttpBearerAuth::className(),
+ ];
+ // xml нам не понадобится
 unset($parentBehaviors['contentNegotiator']['formats']['application/xml']);
+ // rate limiter здесь не применяется
+ unset($parentBehaviors['rateLimiter']);
 return $parentBehaviors;
 }
diff --git a/api/controllers/OauthController.php b/api/controllers/OauthController.php
index c730cf1..0e57144 100644
--- a/api/controllers/OauthController.php
+++ b/api/controllers/OauthController.php
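Review bot: The new `'authenticator' => ['except' => ['login']]` entry in AuthenticationController carries no `class` and only works because `ArrayHelper::merge()` folds it recursively into the parent's `HttpBearerAuth` config; with the previous `array_merge()` the parent's entry would have been replaced wholesale. A one-line comment above it would keep the call from being switched back, e.g. `// merged recursively into the parent's authenticator config; array_merge() would drop its 'class'`. The same applies to the `behaviors()` overrides in OauthController and SignupController. `behaviors()` continues past the end of this hunk.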
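Review bot: `unset($parentBehaviors['rateLimiter'])` in Controller.php removes the limiter from every controller that inherits this `behaviors()`, and nothing in this diff shows what throttles requests instead; that matters most for `login`, `register`, `confirm`, `validate` and `issue-token`, which the same commit exempts from the authenticator. The comment should name the replacement rather than only say the limiter is unused, e.g. `// throttling is enforced by <component>; yii\filters\RateLimiter is not used`. Separately, `HttpBearerAuth` hands the token to the identity class's `findIdentityByAccessToken()`, which is outside this diff, so the JWT signature, expiry and algorithm checks have to be confirmed there.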
@@ -14,13 +14,17 @@ use yii\helpers\ArrayHelper;
 class OauthController extends Controller {
 public function behaviors() {
- return array_merge(parent::behaviors(), [
+ return ArrayHelper::merge(parent::behaviors(), [
+ 'authenticator' => [
+ 'except' => ['validate', 'issue-token'],
+ ],
 'access' => [
 'class' => AccessControl::class,
 'rules' => [
 [
 'actions' => ['validate', 'issue-token'],
 'allow' => true,
+ 'roles' => ['?'],
 ],
 [
 'actions' => ['complete'],
diff --git a/api/controllers/SignupController.php b/api/controllers/SignupController.php
index bc0191b..5c0cc8c 100644
--- a/api/controllers/SignupController.php
+++ b/api/controllers/SignupController.php
@@ -5,11 +5,15 @@ use api\models\ConfirmEmailForm;
 use api\models\RegistrationForm;
 use Yii;
 use yii\filters\AccessControl;
+use yii\helpers\ArrayHelper;
 class SignupController extends Controller {
 public function behaviors() {
- return array_merge(parent::behaviors(), [
+ return ArrayHelper::merge(parent::behaviors(), [
+ 'authenticator' => [
+ 'except' => ['register', 'confirm'],
+ ],
 'access' => [
 'class' => AccessControl::class,
 'rules' => [
diff --git a/tests/codeception/api/functional/_steps/AccountSteps.php b/tests/codeception/api/functional/_steps/AccountSteps.php
index 2b9f618..fc102b7 100644
--- a/tests/codeception/api/functional/_steps/AccountSteps.php
+++ b/tests/codeception/api/functional/_steps/AccountSteps.php
@@ -11,6 +11,9 @@ class AccountSteps extends FunctionalTester {
 $route = new LoginRoute($I);
 $route->login('Admin', 'password_0');
 $I->canSeeResponseIsJson();
+ $I->canSeeResponseJsonMatchesJsonPath('$.jwt');
+ $jwt = $I->grabDataFromResponseByJsonPath('$.jwt')[0];
+ $I->amBearerAuthenticated($jwt);
 }
 }
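Review bot: `'roles' => ['?']` on the `validate` / `issue-token` rule in OauthController is evaluated after the authenticator has been skipped for those same actions, so a caller presenting a bearer token is never identified from it and matches `?` regardless. The rule therefore only rejects callers identified some other way, such as a session if the user component has sessions enabled, which is not visible here. If that is the intent, a comment such as `// guests only: these actions never read the bearer token` would record it; if not, the `roles` line adds nothing. The rules array continues past the end of this hunk.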
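Review bot: The AccountSteps step exercises only the accepted-token path, and no test in this diff checks that a protected action answers 401 when the `Authorization` header is missing or carries a tampered token. Since the commit puts `HttpBearerAuth` in front of every controller, a negative case next to this helper would pin that behaviour. `grabDataFromResponseByJsonPath('$.jwt')[0]` is also indexed right after a conditional `canSee…` assertion, which lets the step continue after a failure; `$I->seeResponseJsonMatchesJsonPath('$.jwt');` would stop there with a clearer message. The enclosing method starts outside the hunk.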