auth token

frontend/modules/api/controllers/SkillsController.php

@@ -5,6 +5,8 @@ namespace frontend\modules\api\controllers;
 use common\behaviors\GsCors;
 use common\models\Options;
 use yii\filters\AccessControl;
+use yii\filters\auth\CompositeAuth;
+use yii\filters\auth\HttpBearerAuth;
 use yii\filters\auth\QueryParamAuth;
 
 class SkillsController extends \yii\rest\Controller
@@ -18,10 +20,12 @@ class SkillsController extends \yii\rest\Controller
                     'application/json' => \yii\web\Response::FORMAT_JSON,
                 ],
             ],
-            'authenticatior' => [
-                'class' => QueryParamAuth::class, //implement access token authentication
-                'except' => ['login'], // no need to verify the access token method, pay attention to distinguish between $noAclLogin
-            ],
+            'authenticator' => [
+                'class' => CompositeAuth::class,
+                'authMethods' => [
+                    HttpBearerAuth::class,
+                ],
+            ]
 //            'corsFilter' => [
 //                'class' => GsCors::class,
 //                'cors' => [