yii2 restfulapi QueryParamAuth验证

1.user表数据结构

2.修改advanced/common/models/User.php

   use yii\web\IdentityInterface;

   class User extends ActiveRecord implements IdentityInterface

  {

   //增加方法

     public static function findIdentityByAccessToken($token, $type = null)
    {
        return static::findOne([‘access_token‘ => $token]);
    }

  }

3.advancde/vender/yiisoft/yii2/web/User.php

  在最下面加四个方法

    public static function findIdentity($id)
    {
        return static::findOne([‘id‘ => $id, ‘status‘ => self::STATUS_ACTIVE]);
    }
    public static function findIdentityByAccessToken($token, $type = null)
    {
        return static::findOne([‘access_token‘ => $token]);
    }
    public function getAuthKey()
    {
        return $this->auth_key;
    }
    public function validateAuthKey($authKey)
    {
        return $this->getAuthKey() === $authKey;
    }

4.main.php在components中增加

‘user‘ => [
            ‘identityClass‘ => ‘common\models\User‘,
            ‘enableAutoLogin‘ => true,
            ‘enableSession‘ => false,
        ],

5.usercontroller.php

  use yii\rest\ActiveController;
  use yii\helpers\ArrayHelper;
  use yii\web\Response;
  use yii\filters\auth\QueryParamAuth;

  //增加方法

  public function behaviors()
  {
    return ArrayHelper::merge(parent::behaviors(), [
        ‘authenticator‘ => [
            ‘class‘ => QueryParamAuth::className(),
        ],
    ]);
  }

6.访问方式

  http://my.qiji.com/user?access-token=123

 access-token的值只要在user表里有的，都可以

7.返回结果

  http://my.qiji.com/user/23?access-token=123的返回结果