0 follower

Interface yii\web\IdentityInterface

Available since version2.0
Source Code https://github.com/yiisoft/yii2/blob/master/framework/web/IdentityInterface.php

IdentityInterface is the interface that should be implemented by a class providing identity information.

This interface can typically be implemented by a user model class. For example, the following code shows how to implement this interface by a User ActiveRecord class:

class User extends ActiveRecord implements IdentityInterface
{
    public static function findIdentity($id)
    {
        return static::findOne($id);
    }

    public static function findIdentityByAccessToken($token, $type = null)
    {
        return static::findOne(['access_token' => $token]);
    }

    public function getId()
    {
        return $this->id;
    }

    public function getAuthKey()
    {
        return $this->authKey;
    }

    public function validateAuthKey($authKey)
    {
        return $this->authKey === $authKey;
    }
}

In some situations not all of these methods are required to be implemented. For example, if your application is a pure stateless RESTful application, you would only need to implement findIdentityByAccessToken() and getId() while leaving all other methods with an empty body. Or if your application uses session only authentication, you would need to implement all the methods except findIdentityByAccessToken().

Public Methods

Hide inherited methods

MethodDescriptionDefined By
findIdentity() Finds an identity by the given ID. yii\web\IdentityInterface
findIdentityByAccessToken() Finds an identity by the given token. yii\web\IdentityInterface
getAuthKey() Returns a key that can be used to check the validity of a given identity ID. yii\web\IdentityInterface
getId() Returns an ID that can uniquely identify a user identity. yii\web\IdentityInterface
validateAuthKey() Validates the given auth key. yii\web\IdentityInterface

Method Details

findIdentity() public abstract static method

Finds an identity by the given ID.

public abstract static yii\web\IdentityInterface|null findIdentity ( $id )
$id string|integer

The ID to be looked for

return yii\web\IdentityInterface|null

The identity object that matches the given ID. Null should be returned if such an identity cannot be found or the identity is not in an active state (disabled, deleted, etc.)

findIdentityByAccessToken() public abstract static method

Finds an identity by the given token.

public abstract static yii\web\IdentityInterface|null findIdentityByAccessToken ( $token, $type null )
$token mixed

The token to be looked for

$type mixed

The type of the token. The value of this parameter depends on the implementation. For example, yii\filters\auth\HttpBearerAuth will set this parameter to be yii\filters\auth\HttpBearerAuth.

return yii\web\IdentityInterface|null

The identity object that matches the given token. Null should be returned if such an identity cannot be found or the identity is not in an active state (disabled, deleted, etc.)

getAuthKey() public abstract method

Returns a key that can be used to check the validity of a given identity ID.

The key should be unique for each individual user, and should be persistent so that it can be used to check the validity of the user identity.

The space of such keys should be big enough to defeat potential identity attacks.

The returned key is used to validate session and auto-login (if yii\web\User::$enableAutoLogin is enabled).

Make sure to invalidate earlier issued authKeys when you implement force user logout, password change and other scenarios, that require forceful access revocation for old sessions.

See also validateAuthKey().

public abstract string|null getAuthKey ( )
return string|null

A key that is used to check the validity of a given identity ID.

getId() public abstract method

Returns an ID that can uniquely identify a user identity.

public abstract string|integer getId ( )
return string|integer

An ID that uniquely identifies a user identity.

validateAuthKey() public abstract method

Validates the given auth key.

See also getAuthKey().

public abstract boolean|null validateAuthKey ( $authKey )
$authKey string

The given auth key

return boolean|null

Whether the given auth key is valid.