Изменён алгоритм авторизации на использование jwt токенов

api/config/main.php

@@ -14,7 +14,7 @@ return [
     'components' => [
         'user' => [
             'identityClass' => \common\models\Account::class,
-            'enableAutoLogin' => true,
+            'enableSession' => false,
             'loginUrl' => null,
         ],
         'log' => [

api/controllers/AuthenticationController.php

@@ -31,7 +31,7 @@ class AuthenticationController extends Controller {
     public function actionLogin() {
         $model = new LoginForm();
         $model->load(Yii::$app->request->post());
-        if (!$model->login()) {
+        if (($jwt = $model->login()) === false) {
             return [
                 'success' => false,
                 'errors' => $this->normalizeModelErrors($model->getErrors()),
@@ -40,6 +40,7 @@ class AuthenticationController extends Controller {
 
         return [
             'success' => true,
+            'jwt' => $jwt,
         ];
     }
 

api/models/LoginForm.php

@@ -44,16 +44,14 @@ class LoginForm extends BaseApiForm {
     }
 
     /**
-     * Logs in a user using the provided username and password.
-     *
-     * @return boolean whether the user is logged in successfully
+     * @return bool|string JWT с информацией об аккаунте
      */
     public function login() {
         if (!$this->validate()) {
             return false;
         }
 
-        return Yii::$app->user->login($this->getAccount(), $this->rememberMe ? 3600 * 24 * 30 : 0);
+        return $this->getAccount()->getJWT();
     }
 
     /**