yii restfull 方法验证用户身份通过token

在配置文件中修改用于储存acess token的类

'user' => [
'identityClass' => 'app\models\Customer',
'enableAutoLogin' => false,//disable the cookie login
],

2. 实现接口IdentityInterface在用户信息类中

class Customer extends ActiveRecord implements IdentityInterface
{
public static function tableName()
{
return 'customer';
}

/**
* @set the primary key name
*/
public static function primaryKey()

{
return ['customerID'];
}

/**
* Finds an identity by the given ID.
*
* @param string|integer $id the ID to be looked for
* @return IdentityInterface|null the identity object that matches the given ID.
*/
public static function findIdentity($id)
{
return static::findOne($id);
}

/**
* Finds an identity by the given token.
*
* @param string $token the token to be looked for
* @return IdentityInterface|null the identity object that matches the given token.
*/
public static function findIdentityByAccessToken($token, $type = null)
{
return static::findOne(['accessToken' => $token]);//注意这里与要accessToken的格式
}

/**
* @return int|string current user ID
*/
public function getId()
{
return $this->customerID;
}

/**
* @return string current user auth key
*/
public function getAuthKey()
{
return $this->auth_key;
}

/**
* @param string $authKey
* @return boolean if auth key is valid for current user
*/
public function validateAuthKey($authKey)
{
return $this->getAuthKey() === $authKey;
}
}

3. 修改basic/vendor/yiisoft/yii2/filters/auth/QueryParamAuth中的token名字

注意，传递的参数中有可能token的变量名字并不等于yii默认的access-token，我们要让他和我们用的变量名保持一致

在配置文件中修改用于储存acess token的类