ContentNegotiator::class, 'formats' => [ 'application/json' => Response::FORMAT_JSON, ], ], // 'authenticator' => [ // 'class' => CompositeAuth::class, // 'authMethods' => [ // HttpBearerAuth::class, // ], // ], 'corsFilter' => [ 'class' => GsCors::class, 'cors' => [ 'Origin' => ['*'], //'Access-Control-Allow-Credentials' => true, 'Access-Control-Allow-Headers' => [ 'Content-Type', 'Access-Control-Allow-Headers', 'Authorization', 'X-Requested-With' ], ] ], ]); } public function actions() { $action = parent::actions(); // TODO: Change the autogenerated stub unset($action['index']); unset($action['create']); unset($action['update']); unset($action['delete']); } public function actionLogin() { $model = new LoginForm(); if ($model->load(Yii::$app->getRequest()->getBodyParams(), '') && $model->login()) { return [ 'access_token' => $model->login(), 'access_token_expired_at' => $model->getUser()->getTokenExpiredAt(), 'id' => $model->getUser()->id, ]; } else { throw new BadRequestHttpException(json_encode($model->errors)); } } }