Download the PHP package denits/yii-apiauth without Composer
On this page you can find all versions of the php package denits/yii-apiauth. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download denits/yii-apiauth
More information about denits/yii-apiauth
Files in denits/yii-apiauth
Package yii-apiauth
Short Description HTTP authentication for automated requests
License New BSD License
Homepage http://github.com/DenitS/yii-apiAuth
Informations about the package yii-apiauth
Yii ApiAuth Extension
ApiAuth : The first A in AAA
Authenticate a (REST) client through Http Authentication Methods like Http Digest or Http Basic (or implement your own authentication scheme)
Most webservers, like Apache or IIS support different types of HTTP authentication, but they can be difficult (if not impossible) to integrate with a custom user account source, especially one that is implemented in Yii. This extension uses only Yii, PHP and MySQL and should be easy to integrate in an existing Yii based Authorization scenario.
Even though this extension can be used for virtually any authentication scenario, it is mostly suitable for automation, for example in REST requests. Hence it's name apiAuth.
Yii comes with an extensive built in authorization scheme and many great extensions like Rights, Auth or yii-user that you can use alongside this extension. @see http://www.yiiframework.com/doc/guide/1.1/en/topics.auth
Home
https://github.com/DenitS/yii-apiAuth/
Git Clone
git clone [email protected]:DenitS/yii-apiAuth.git
Requirements
- Yii 1.1.12 or newer
- PHP 5.3 or newer
- A database system like MySQL (Other database systems than MySQL are currently not supported, but probably easy to implement).
Installation
-
Add apiAuth to the extensions folder:
-
Manual:
- Create a folder 'apiAuth' in the extensions folder (application.extensions)
- Copy the contents of the yii-apiAuth extension to it.
- Git Submodule (from command line in [webroot]/protected/extensions/):
- $
git submodule add [email protected]:DenitS/yii-apiAuth.git apiAuth
- $
-
-
Create the nonce table by running (command line in protected folder):
$
./yiic migrate up --migrationPath=ext.apiAuth.migrations
Configuration
main.php
Securing Controllers
Secure controllers and actions by extending your controller with AController (Note the A).
Example:
Make sure you don't do it the other way around, for example:
Add the AAuthFilter to your controller's filter() method.
Full Example:
HTTP Digest: cleaning up Nonces
Over time the nonce table will grow in size. You will have to clean it periodically, but you will have to do this manually. I didn't want to call a DELETE FROM statement on every request, so i've created a static method in the ANonce model class that you can call whenever and wherever you like (See below).
For example it can be called from a yii command script, which you can in turn call via a cron job or the windows task scheduler.
Contribute
Contributions, remarks, improvements, etc. are always welcome.