PHPackages matrozov/yii2-wac-auth - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. matrozov/yii2-wac-auth ActiveYii2-extension[Authentication & Authorization](/categories/authentication) matrozov/yii2-wac-auth ====================== Yii2 CompositeAuth with AccessControl integration. 1.0.5(8y ago)02.9k↓33.3%MITPHPPHP >=5.4.0 Since Apr 14Pushed 8y ago1 watchersCompare [ Source](https://github.com/matrozov/yii2-wac-auth)[ Packagist](https://packagist.org/packages/matrozov/yii2-wac-auth)[ Docs](https://github.com/matrozov/yii2-wac-auth)[ RSS](/packages/matrozov-yii2-wac-auth/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (1)Dependencies (1)Versions (2)Used By (0) yii2-auth-wac ============= [](#yii2-auth-wac) Yii2 CompositeAuth with AccessControl integration. By default, AuthMethod checks only the internal "optional" property to test whether it is possible to get into this action without authorization. You should duplicate the access rules in AuthMethod and AccessControl. WacAuth allows you to automatically check the guest access rules in AccessControl when AuthMethod is authorized. Installation ------------ [](#installation) Either run `composer require --prefer-dist matrozov/yii2-wac-auth` Usage example ------------- [](#usage-example) ### Before: [](#before) ``` $behaviors['authenticator'] = [ 'class' => HttpBearerAuth::className(), 'optional' => ['index'] ]; $behaviors['access'] = [ 'class' => AccessControl::className(), 'only' => ['index'], 'rules' => [ [ 'allow' => true, 'actions' => ['index'], 'roles' => ['?'], ], ], ]; ``` You specify the "optional" property and roles="?" at the same time for your action "index". ### After: [](#after) ``` $behaviors['authenticator'] = [ 'class' => WacAuth::className(), 'authMethods' => [ HttpBearerAuth::className() ] ]; $behaviors['access'] = [ 'class' => AccessControl::className(), 'only' => ['index'], 'rules' => [ [ 'allow' => true, 'actions' => ['index'], 'roles' => ['?'], ], ], ]; ``` You wrap HttpBearerAuth in WacAuth and now it automatically takes into account roles="?" in AccessControl. WacAuth and CompositeAuth ------------------------- [](#wacauth-and-compositeauth) Since WacAuth is the successor of CompositeAuth, you can use it in all similar cases for a combination of authorization methods. ### Health Score 29 — LowBetter than 59% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity20 Limited adoption so far Community7 Small or concentrated contributor base Maturity58 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 2956d ago ### Community Maintainers ![](https://avatars.githubusercontent.com/u/4449593?v=4)[Oleg Matrozov](/maintainers/matrozov)[@matrozov](https://github.com/matrozov) --- Top Contributors [![matrozov](https://avatars.githubusercontent.com/u/4449593?v=4)](https://github.com/matrozov "matrozov (8 commits)") --- Tags access-controlauthorizationyii2authorizationyii2access-control ### Embed Badge ![Health badge](/badges/matrozov-yii2-wac-auth/health.svg) ``` [![Health](https://phpackages.com/badges/matrozov-yii2-wac-auth/health.svg)](https://phpackages.com/packages/matrozov-yii2-wac-auth) ``` ### Alternatives [casbin/laravel-authz An authorization library that supports access control models like ACL, RBAC, ABAC in Laravel. 324339.9k4](/packages/casbin-laravel-authz)[casbin/think-authz An authorization library that supports access control models like ACL, RBAC, ABAC for ThinkPHP. 27918.5k6](/packages/casbin-think-authz)[rmrevin/yii2-ulogin Extension for yii2 ulogin integration 1811.9k](/packages/rmrevin-yii2-ulogin)[casbin/webman-permission webman casbin permission plugin 523.4k2](/packages/casbin-webman-permission) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)