How the auth works

[bilalbayasut]

trafficstars

Hi I would like to know how to authenticate the logged in user to access certain api. If i want to simulate that, which value and where should I put the authkey? thanks

[bilalbayasut]

I've put the access-token in the headers and still it stays not authorized.

[githubjeka]

You can get access-token via method https://github.com/githubjeka/yii2-rest/blob/master/rest/versions/v1/controllers/UserController.php#L18

And You can see to how it work in test https://github.com/githubjeka/yii2-rest/blob/master/tests/codeception/rest/functional/PostAPICept.php

[bilalbayasut]

How can I do the test using rest client application (etc postman)? what key and value should I put in the header or payload?

[githubjeka]

Begin you should get this key from v1/user/login. See comment https://github.com/githubjeka/yii2-rest/issues/6#issuecomment-101134848

You can see auth-key in bottom. After receiving the key, just add it to your url as '?access-token=tUu1qHcde0diwUol3xeI-18MuHkkprQI`

$I->sendPUT(
    '/v1/posts/11111?access-token=tUu1qHcde0diwUol3xeI-18MuHkkprQI,
    ['title' => 'My first post', 'content' => 'There are many words....', 'status' => 2]
);

[bilalbayasut]

I see, so basically what you mean by access-token here is actually the auth_key? thanks in advance :)

[bilalbayasut]

my url is http://localhost/admbackend/rest/rest/web/v1/educationlevel/getall?access-token=vBZS7KGrvXesyOkgQhGYCY5KCZi6st5g

I've tried and the result is :

{ name: "Not Supported" message: ""findIdentityByAccessToken" is not implemented." code: 0 type: "yii\base\NotSupportedException" file: "C:\xampp\htdocs\admbackend\rest\common\models\User.php" line: 123

[githubjeka]

In advanced app findIdentityByAccessToken is not implemented. See my bad implement

For understanding: Auth-key use for cookie of remember me in Yii. Better to create new field access-token in table User singly. And work with him in findIdentityByAccessToken instead auth_key