Authorization
Though we're now able to authenticate ourselves against our database, we need to implement the necessary methods in order to ensure that the right people can access the right pages. To do this, we need to implement either an access control filter or a role-based access control filter.
Access control filters
One way to control access to certain pages is to create access control filters. Access control filters in Yii2 are behaviors we can bind to our controllers to ensure that the right people have access to the right content. The access control filter is implemented through yii\filter\AccessControl and is primarily used when simple access control is needed, such when needing to make sure users are logged in or not (although it can be configured for rules that are more complex). As a filter, yii\filter\AccessControl is implemented in the behaviors() method of our controller, as shown in the following example:
<?php namespace app\controllers; use yii\web\Controller; use yii...
