Class yii\filters\auth\HttpBearerAuth

Inheritanceyii\filters\auth\HttpBearerAuth » yii\filters\auth\AuthMethod » yii\base\ActionFilter » yii\base\Behavior » yii\base\Object
Implementsyii\base\Configurable, yii\filters\auth\AuthInterface
Available since version2.0
Source Code https://github.com/yiisoft/yii2/blob/master/framework/filters/auth/HttpBearerAuth.php

HttpBearerAuth is an action filter that supports the authentication method based on HTTP Bearer token.

You may use HttpBearerAuth by attaching it as a behavior to a controller or module, like the following:

public function behaviors()
{
    return [
        'bearerAuth' => [
            'class' => \yii\filters\auth\HttpBearerAuth::className(),
        ],
    ];
}

Public Properties

Hide inherited properties

PropertyTypeDescriptionDefined By
$except array List of action IDs that this filter should not apply to. yii\base\ActionFilter
$only array List of action IDs that this filter should apply to. yii\base\ActionFilter
$optional array List of action IDs that this filter will be applied to, but auth failure will not lead to error. yii\filters\auth\AuthMethod
$owner yii\base\Component|null The owner of this behavior yii\base\Behavior
$realm string The HTTP authentication realm yii\filters\auth\HttpBearerAuth
$request yii\web\Request The current request. yii\filters\auth\AuthMethod
$response yii\web\Response The response to be sent. yii\filters\auth\AuthMethod
$user yii\web\User The user object representing the user authentication status. yii\filters\auth\AuthMethod

Public Methods

Hide inherited methods

MethodDescriptionDefined By
__call() Calls the named method which is not a class method. yii\base\Object
__construct() Constructor. yii\base\Object
__get() Returns the value of an object property. yii\base\Object
__isset() Checks if a property is set, i.e. defined and not null. yii\base\Object
__set() Sets value of an object property. yii\base\Object
__unset() Sets an object property to null. yii\base\Object
afterAction() This method is invoked right after an action is executed. yii\base\ActionFilter
afterFilter() yii\base\ActionFilter
attach() Attaches the behavior object to the component. yii\base\ActionFilter
authenticate() Authenticates the current user. yii\filters\auth\HttpBearerAuth
beforeAction() This method is invoked right before an action is to be executed (after all possible filters.) You may override this method to do last-minute preparation for the action. yii\filters\auth\AuthMethod
beforeFilter() yii\base\ActionFilter
canGetProperty() Returns a value indicating whether a property can be read. yii\base\Object
canSetProperty() Returns a value indicating whether a property can be set. yii\base\Object
challenge() Generates challenges upon authentication failure. yii\filters\auth\HttpBearerAuth
className() Returns the fully qualified name of this class. yii\base\Object
detach() Detaches the behavior object from the component. yii\base\ActionFilter
events() Declares event handlers for the $owner's events. yii\base\Behavior
handleFailure() Handles authentication failure. yii\filters\auth\AuthMethod
hasMethod() Returns a value indicating whether a method is defined. yii\base\Object
hasProperty() Returns a value indicating whether a property is defined. yii\base\Object
init() Initializes the object. yii\base\Object

Protected Methods

Hide inherited methods

MethodDescriptionDefined By
getActionId() Returns an action ID by converting yii\base\Action::$uniqueId into an ID relative to the module yii\base\ActionFilter
isActive() Returns a value indicating whether the filter is active for the given action. yii\base\ActionFilter
isOptional() Checks, whether authentication is optional for the given action. yii\filters\auth\AuthMethod

Property Details

$realm public property

The HTTP authentication realm

public string $realm 'api'

Method Details

authenticate() public method

Authenticates the current user.

public yii\web\IdentityInterface authenticate ( $user, $request, $response )
$user yii\web\User
$request yii\web\Request
$response yii\web\Response
return yii\web\IdentityInterface

The authenticated user identity. If authentication information is not provided, null will be returned.

throws yii\web\UnauthorizedHttpException

if authentication information is provided but is invalid.

challenge() public method

Generates challenges upon authentication failure.

For example, some appropriate HTTP headers may be generated.

public void challenge ( $response )
$response yii\web\Response