我尝试从文档中找出答案,但没有提及,从这里的答案来看,它应该可以与 REST API 一起正常工作。这是我的代码,只要我没有随请求发送访问令牌,它就会返回状态代码 401。
public function behaviors()
{
return [
'compositeAuth' => [
'class' => CompositeAuth::className(),
'authMethods' => [
QueryParamAuth::className(),
],
],
'access' => [
'class' => AccessControl::className(),
'only' => ['index', 'logout'],
'rules' => [
[
'actions' => ['index'],
'allow' => true,
'roles' => ['?'],
],
[
'actions' => ['logout'],
'allow' => true,
'roles' => ['@'],
],
],
],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
'logout' => ['post'],
],
],
];
}
尽管我只想注销来执行此操作,但两者都actionIndex
需要访问令牌。actionLogout
我的控制器扩展了我的基类\yii/rest/Controller