<?php namespace frontend\modules\api\controllers; use common\behaviors\GsCors; use common\classes\Debug; use common\models\User; use frontend\modules\api\models\LoginForm; use Yii; use yii\filters\auth\CompositeAuth; use yii\filters\auth\HttpBearerAuth; use yii\filters\ContentNegotiator; use yii\rest\ActiveController; use yii\helpers\ArrayHelper; use yii\filters\auth\QueryParamAuth; use yii\web\BadRequestHttpException; use yii\web\Response; class UserController extends ActiveController { public $modelClass = User::class; public function behaviors() { return ArrayHelper::merge(parent::behaviors(), [ [ 'class' => ContentNegotiator::class, 'formats' => [ 'application/json' => Response::FORMAT_JSON, ], ], // 'authenticator' => [ // 'class' => CompositeAuth::class, // 'authMethods' => [ // HttpBearerAuth::class, // ], // ], 'corsFilter' => [ 'class' => GsCors::class, 'cors' => [ 'Origin' => ['*'], //'Access-Control-Allow-Credentials' => true, 'Access-Control-Allow-Headers' => [ 'Content-Type', 'Access-Control-Allow-Headers', 'Authorization', 'X-Requested-With' ], ] ], ]); } public function actions() { $action = parent::actions(); // TODO: Change the autogenerated stub unset($action['index']); unset($action['create']); unset($action['update']); unset($action['delete']); } public function actionLogin() { $model = new LoginForm(); if ($model->load(Yii::$app->getRequest()->getBodyParams(), '') && $model->login()) { return [ 'access_token' => $model->login(), 'access_token_expired_at' => $model->getUser()->getTokenExpiredAt(), 'id' => $model->getUser()->id, ]; } else { throw new BadRequestHttpException(json_encode($model->errors)); } } }