I would like to introduce you to a new extension: yii-apiAuth
- For server-to-server communication (REST API's)
- Easy to implement (IMHO): intuitive yii-like filter / rules on controllers
- Secure: uses Digest authentication (default) or Basic authentication (less secure, but can be very usefull when you're already protected by SSL).
- Focus only on authentication. Leave authorization to other (or already implemented) components/extensions
Go to https://github.com/DenitS/yii-apiAuth
I'll post this in extensions if anyone thinks it's usefull (and gives me a better rating . can't post anything in extensions yet..)
Remarks, improvements, questions are most welcome! Please reply here, or submit your issues @ github.
Disclaimer: Use at own risk! I've tested as far as I know how, but I'm not a security expert, so peer review can help make this extension better!