After reading the other wiki article regarding token based access, I thought that it might be interesting to share my method.
Yii Framework Wiki
Wiki articles tagged with "authentication"
Showing 21-25 of 25 items.
Make the authentication more securely
Created 9 years ago by Kostas Apazidis (KonApaz),
updated 9 years ago by Kostas Apazidis (KonApaz).
Suppose a hacker has an account of your website He could set the PHPSESSID to empty After of that He login in your system The PHPSESSID remains blank and user has already logged with this session
How to login from different tables in Yii2
The Problem: Yii2 utilizes by default UserIdentity configured in config/web.php for connection, this object apply one table to authentication ('identityClass' => 'app\panel\models\User'). How to authentication from diferent tables? Solution: Create instances in web.php to uses UserIdentify. eg:
Using multiple models in an identity
Let's assume we have two models: Customer and Supplier and we want both to log in. Yii is quite flexible when it comes to authentication and authorization so it's possible.
JWT authentication tutorial
JWT is short for JSON Web Token. It is used eg. instead of sessions to maintain a login in a browser that is talking to an API - since browser sessions are vulnerable to CSRF security issues. JWT is also less complicated than setting up an OAuth authentication mechanism.