PHPackages gud3/yii2-rest-auth - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. gud3/yii2-rest-auth ActiveYii2-extension gud3/yii2-rest-auth =================== Authorization for rest, which is made for increased security. 1.0.0(9y ago)027Apache-2.0PHP Since May 4Pushed 8y ago1 watchersCompare [ Source](https://github.com/gud3/yii2-rest-auth)[ Packagist](https://packagist.org/packages/gud3/yii2-rest-auth)[ RSS](/packages/gud3-yii2-rest-auth/feed)WikiDiscussions master Synced yesterday READMEChangelog (1)Dependencies (1)Versions (2)Used By (0) Yii2 rest authorized ==================== [](#yii2-rest-authorized) This extension increase security betwean requests to REST contorllers. How does it work: there is a short(token) and long(series) keys. Short key changes every time, the long key remains the same for entire period of authorization. Then they are merged into a string and attached to the Authorization header. These values are separated by ";" To confirm next request, when "client" send new request, it attaches the same Authoriztion header with the data it recieved. And this continues until the user is logged out or the keys are stolen. When the keys are stolen and the thief use the user's data - the short key (token) changes every request. When the real user makes a request - the system will notice that long key (series) is the same, but short key doesn't match. In this case system delete Authorization, the thief and the real user will be logged out For data storage it uses ActiveRecord table. In this table keeps all authorization data, the end date of the session. Sessions are stored in Redis. Installation ------------ [](#installation) The preferred way to install this extension is through [composer](http://getcomposer.org/download/). Either run ``` php composer.phar require --prefer-dist gud3/yii2-rest-auth "*" ``` or add ``` "gud3/yii2-rest-auth": ">=1.0.0" ``` to the require section of your `composer.json` file. Migration enter in code line: ``` yii migrate --migrationPath=@gud3/restAuth/migrations ``` Need ---- [](#need) You need to override the static function in the 'Users' table: ``` public static function findIdentityByAccessToken($id, $type = null) { return static::find()->where(['id' => $id])->one() || false; } ``` Usage ----- [](#usage) To use this extension, simply add the following code in your controller behaviors: ``` public function behaviors() { $behaviors = parent::behaviors(); $auth = ['index']; //$auth = ['index', 'update', 'create', 'etc..']; $behaviors['authenticator']['class'] = \gud3\restAuth\CheckToken::className(); $behaviors['authenticator']['only'] = $auth; return $behaviors; } ``` For check exist Authorized data in headers: ``` public function behaviors() { $behaviors = parent::behaviors(); $auth = []; if (\gud3\restAuth\CheckToken::isAuth()) { array_push($auth, 'index', 'create'); } $behaviors['authenticator']['class'] = \gud3\restAuth\CheckToken::className(); $behaviors['authenticator']['only'] = $auth; return $behaviors; } ``` This is necessary to check if there are authorization data, then check them, and if it is successful, authorize or go through the system without authorization, then Yii::$app->user->isGuest = true Change storage -------------- [](#change-storage) To store the session in the radish, you need to : ``` 'components' => [ 'cache' => [ 'class' => 'yii\redis\Cache', ], ] ``` ### Health Score 27 — LowBetter than 49% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity7 Limited adoption so far Community7 Small or concentrated contributor base Maturity63 Established project with proven stability Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 3296d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/8626fdc5b30c9e2aba183d1981e7a69f6840f07998647391396b3cbf8d328590?d=identicon)[gud3](/maintainers/gud3) --- Top Contributors [![gud3](https://avatars.githubusercontent.com/u/16295609?v=4)](https://github.com/gud3 "gud3 (1 commits)") --- Tags yii2 yii2 rest yii2 rest authorized ### Embed Badge ![Health badge](/badges/gud3-yii2-rest-auth/health.svg) ``` [![Health](https://phpackages.com/badges/gud3-yii2-rest-auth/health.svg)](https://phpackages.com/packages/gud3-yii2-rest-auth) ``` ### Alternatives [craftcms/cms Craft CMS 3.6k3.6M2.6k](/packages/craftcms-cms)[skeeks/cms SkeekS CMS — control panel and tools based on php framework Yii2 13825.6k47](/packages/skeeks-cms) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)