I think i am missing something obvious here, but what i following: http://www.yiiframework.com/doc-2.0/guide-rest-error-handling.html and in my config i have:
'response' => [
'class' => 'yii\web\Response',
//'format' => \yii\web\Response::FORMAT_JSON,
'on beforeSend' => function ($event) {
$response = $event->sender;
//$response->formatters['html'] = 'yii\web\JsonResponseFormatter';
$output = Yii::$app->request->get('output');
if (in_array($output, [$response::FORMAT_JSON, $response::FORMAT_JSONP, $response::FORMAT_XML])) {
$response->format = $output;
}
$response->data = [
'success' => $response->isSuccessful,
'data' => $response->data,
];
$response->setStatusCode(200);
},
],
and in my rest controller, i am using the yii\filters\auth\HttpBearerAuth as:
/**
* @inheritdoc
*/
public function behaviors()
{
$behaviors = parent::behaviors();
$behaviors['authenticator'] = [
'class' => 'yii\filters\auth\HttpBearerAuth',
'except' => ['login', 'create'],
];
return $behaviors;
}
Now the thing is that if i access a url that requires authentication, i get the response i expect:
<response>
<name>Unauthorized</name>
<message>You are requesting with an invalid credential.</message>
<code>0</code>
<status>401</status>
<type>yii\web\UnauthorizedHttpException</type>
</response>
BUT the headers i get:
HTTP/1.1 401 Unauthorized
Date: Wed, 25 Mar 2015 13:39:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.6.6
X-Powered-By: PHP/5.6.6
Www-Authenticate: Bearer realm="api"
Content-Length: 231
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/xml; charset=utf-8
So why do i get a 401 Unauthorized when i specified that i want a 200 code for all cases ?
If i access a page that does not exists, i get back:
<response>
<success/>
<data>
<name>Error</name>
<message>An internal server error occurred.</message>
<exception>
<NotFoundHttpException>
<statusCode>404</statusCode>
<xdebug_message>...</xdebug_message>
</NotFoundHttpException>
</exception>
</data>
</response>
And the headers:
HTTP/1.1 200 OK
Date: Wed, 25 Mar 2015 13:52:28 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.6.6
X-Powered-By: PHP/5.6.6
Content-Length: 4519
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/xml; charset=utf-8
So, what the heck is happening here, any idea ?