php - API with bearer and query params options
问题描述
I'm trying to get an API validation going. Below is my behavior
public function behaviors()
{
return ArrayHelper::merge(parent::behaviors(), [
'authenticator' => [
'class' => CompositeAuth::class,
'authMethods' => [
['class' => HttpBearerAuth::class],
['class' => QueryParamAuth::class, 'tokenParam' => 'admin-token'],
],
],
'corsFilter' => [
'class' => Cors::class,
],
'access' => [
'class' => AccessControl::className(),
'rules' => [
[
'ips' => Yii::$app->params['allowedIPs'], //Fill in the allowed IPs here
'allow' => true,
],
[
'ips' => Yii::$app->params['adminIPs'], //Fill in the allowed IPs here
'allow' => true,
'matchCallback' => function ($rule, $action) {
return (!empty($_GET['admin-token']) && $_GET['admin-token'] === Yii::$app->params['adminApiToken']);
}
],
],
]
]);
the bearer method works and checks for matching access token and ip. but for admin matching IP and admin-token
it fails and i get this error
stdClass#1
(
[success] => false
[data] => stdClass#2
(
[name] => 'Unauthorized'
[message] => 'Your request was made with invalid credentials.'
[code] => 0
[status] => 401
)
)
how do i get validation credential using admin-token
for admin only?
解决方案
推荐阅读
- google-earth-engine - 在谷歌地球引擎的 imageCollection 中对 2 个连续图像应用函数
- java - 将信息从 AlertDialog 传递给父片段
- flutter - 扑。listview.builder 上方的小部件与其他内容一起滚动?
- mysql - 查询以显示本年度的新销售增长
- c# - 报表查看器数据集
- python - 如何根据 GradientBoost 结果绘制热图?
- python - 安装 pip python 时出现问题
- android - 如何在android中使用renderscript使用smoothstep函数
- javascript - Click evt 注册到 div 周围的复选框而不是复选框本身
- android - Xamarin“Resource.Layout”不包含“*”错误的定义