我正在使用poster来测试我的API,但由于某些原因,它不再工作,因为每个请求都在说
您正在使用无效凭据进行请求。
我注意到,如果我在调试器中查看,Authorization
请求标头不会显示。我已经测试过在poster中添加其他头,这些头确实出现了。
我在common'models'User
:中设置了要通过访问令牌查找的用户模型
public static function findIdentityByAccessToken($token, $type = null)
{
return static::findOne(['access_token' => $token]);
}
我在控制器的行为功能中有这个:
public function behaviors()
{
$behaviors = parent::behaviors();
$behaviors['authenticator'] = [
'class' => HttpBasicAuth::className(),
];
$behaviors['access'] = [
'class' => AccessControl::className(),
'rules' => [
[
'allow' => true,
'roles' => ['@'],
'verbs' => ['GET'],
],
],
];
return $behaviors;
}
这是我的main.php文件的组件部分:
'components' => [
'user' => [
'identityClass' => 'common'models'User',
'enableAutoLogin' => false,
],
'log' => [
'targets' => [
[
'class' => 'yii'log'DbTarget',
'levels' => ['error', 'warning'],
],
],
],
'urlManager' => [
'enablePrettyUrl' => true,
'enableStrictParsing' => true,
'showScriptName' => false,
'rules' => [
'v1/login' => 'v1/login',
['class' => 'yii'rest'UrlRule', 'controller' => ['v1/user']],
['class' => 'yii'rest'UrlRule', 'controller' => ['v1/userinfo']],
'v1/<controller>/<action>' => 'v1/<controller>/<action>',
],
],
'request' => [
'parsers' => [
'application/json' => 'yii'web'JsonParser',
]
]
],
在.htaccess文件中添加:
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
由于Apache隐藏了授权头,我不得不将CGIPassAuth on
添加到目录配置中。
您需要在api中传递基本格式的Authorization Header。Ex-Basic{token}