How the auth works

[bilalbayasut]

Hi I would like to know how to authenticate the logged in user to access certain api. If i want to simulate that, which value and where should I put the authkey? thanks

[bilalbayasut]

I've put the access-token in the headers and still it stays not authorized.

[githubjeka]

You can get access-token via method https://github.com/githubjeka/yii2-rest/blob/master/rest/versions/v1/controllers/UserController.php#L18

And You can see to how it work in test
https://github.com/githubjeka/yii2-rest/blob/master/tests/codeception/rest/functional/PostAPICept.php

[bilalbayasut]

How can I do the test using rest client application (etc postman)? what key and value should I put in the header or payload?

[githubjeka]

Begin you should get this key from v1/user/login. See comment githubjeka/yii2-rest#6 (comment)

You can see auth-key in bottom. After receiving the key, just add it to your url as '?access-token=tUu1qHcde0diwUol3xeI-18MuHkkprQI`

$I->sendPUT(
    '/v1/posts/11111?access-token=tUu1qHcde0diwUol3xeI-18MuHkkprQI,
    ['title' => 'My first post', 'content' => 'There are many words....', 'status' => 2]
);

[bilalbayasut]

I see, so basically what you mean by access-token here is actually the auth_key? thanks in advance :)

[bilalbayasut]

my url is
http://localhost/admbackend/rest/rest/web/v1/educationlevel/getall?access-token=vBZS7KGrvXesyOkgQhGYCY5KCZi6st5g

I've tried and the result is :

{
name: "Not Supported"
message: ""findIdentityByAccessToken" is not implemented."
code: 0
type: "yii\base\NotSupportedException"
file: "C:\xampp\htdocs\admbackend\rest\common\models\User.php"
line: 123

[githubjeka]

In advanced app findIdentityByAccessToken is not implemented.
See my bad implement

For understanding:
Auth-key use for cookie of remember me in Yii. Better to create new field access-token in table User singly. And work with him in findIdentityByAccessToken instead auth_key