Yii2 Login Authenticate without password

2
votes

I am working on project that will use API of another application. So I won't validate password on my app, will do this via API request. I don't want to store users` passwords in db. Just check password by API.

How can I authenticate a user without login credentials?

2
phpapiyiiyii2

2 Answers

3
votes

Login & Session in Yii 2 is managed by \yii\web\User class This class is accessible in the application life cycle via the \Yii::$app->user property.

On successful authentication using your third-party provider you use the login() function using Yii::$app->user->login($identity)

$identity should be an object of [IdentityInterface][4] usually the User ActiveRecord model implementing this interface

Refer to the guide documentation on Authentication for full understanding on how authentication works in Yii2

0
votes

In our app we are using a field auth_key related to a User Model and then we go to this link, find a user in database by this auth_key and make a login (or not if it is not found in database )

public actionAuthLogin($auth_key){
  if(($user = User::findOne(['auth_key' => $auth_key])) 
        && \Yii:$app->user->login($user)){
     return $this->goHome();
  } else {

     throw new NotFoundHttpException()
  }

}

then

/controller/auth-login?auth_key=should_be_in_database_ahsgdashdajsdg123mkasd