Customizing authentication and response
Yii allows us to quickly create a custom authentication method for our application. This is useful because in some cases, the previously mentioned authentications are not sufficient.
A custom authentication model can be made by extending the yii\filters\auth\AuthMethod class, which implements yii\filters\auth\AuthInterface that requires overriding the authenticate ($user, $request, and $response) method:
<?php
namespace api\components;
use yii\filters\auth\AuthMethod;
use Yii;
class CustomAuthMethod extends AuthMethod {
public function authenticate($user, $request, $response) {
…
…
…
}
…
…
…
}Even though the REST API should be stateless, or rather should not save session data, it could be necessary to store some information or preferences during a session across requests.
So, if we need to support a session, we can start it through the authenticate() method called in the beforeAction() event. The idea is to use QueryParamAuth using...
