From 8583edbb928919c06d42268d3efb72e6b62bcec9 Mon Sep 17 00:00:00 2001 From: ErickSkrauch Date: Wed, 24 Feb 2016 01:15:04 +0300 Subject: [PATCH] =?UTF-8?q?=D0=92=D1=81=D0=B5=20=D0=BA=D0=BE=D0=BD=D1=82?= =?UTF-8?q?=D1=80=D0=BE=D0=BB=D0=BB=D0=B5=D1=80=D1=8B=20=D0=BF=D0=B5=D1=80?= =?UTF-8?q?=D0=B5=D0=B2=D0=B5=D0=B4=D0=B5=D0=BD=D1=8B=20=D0=BD=D0=B0=20?= =?UTF-8?q?=D0=B8=D1=81=D0=BF=D0=BE=D0=BB=D1=8C=D0=B7=D0=BE=D0=B2=D0=B0?= =?UTF-8?q?=D0=BD=D0=B8=D0=B5=20jwt=20=D1=82=D0=BE=D0=BA=D0=B5=D0=BD=D0=BE?= =?UTF-8?q?=D0=B2?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- api/controllers/AuthenticationController.php | 6 +++++- api/controllers/Controller.php | 8 ++++++++ api/controllers/OauthController.php | 6 +++++- api/controllers/SignupController.php | 6 +++++- tests/codeception/api/functional/_steps/AccountSteps.php | 3 +++ 5 files changed, 26 insertions(+), 3 deletions(-) diff --git a/api/controllers/AuthenticationController.php b/api/controllers/AuthenticationController.php index f5f992a..f6f5240 100644 --- a/api/controllers/AuthenticationController.php +++ b/api/controllers/AuthenticationController.php @@ -4,11 +4,15 @@ namespace api\controllers; use api\models\LoginForm; use Yii; use yii\filters\AccessControl; +use yii\helpers\ArrayHelper; class AuthenticationController extends Controller { public function behaviors() { - return array_merge(parent::behaviors(), [ + return ArrayHelper::merge(parent::behaviors(), [ + 'authenticator' => [ + 'except' => ['login'], + ], 'access' => [ 'class' => AccessControl::class, 'rules' => [ diff --git a/api/controllers/Controller.php b/api/controllers/Controller.php index 1932f13..b5d716a 100644 --- a/api/controllers/Controller.php +++ b/api/controllers/Controller.php @@ -3,6 +3,7 @@ namespace api\controllers; use api\traits\ApiNormalize; use Yii; +use yii\filters\auth\HttpBearerAuth; /** * @property \common\models\Account|null $account 
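Review bot: The `'except' => ['login']` list in the new `authenticator` entry repeats action names that the `access` rules also have to name, and nothing ties the two lists together; the same pattern is added in OauthController (`validate`, `issue-token`) and SignupController (`register`, `confirm`). An action listed in `except` skips bearer authentication entirely, so it is protected only by whichever AccessControl rule matches it. I would add a comment above the entry such as `// keep in sync with the guest rules in 'access' below: every action listed here runs without token authentication`, and a functional test that a non-exempt action answers 401 without a token. The `rules` array continues outside the hunk, so whether every exempted action has a matching rule cannot be confirmed from this view.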
@@ -12,8 +13,15 @@ class Controller extends \yii\rest\Controller { public function behaviors() { $parentBehaviors = parent::behaviors(); + // Добавляем авторизатор для входа по jwt токенам + $parentBehaviors['authenticator'] = [ + 'class' => HttpBearerAuth::className(), + ]; + // xml нам не понадобится unset($parentBehaviors['contentNegotiator']['formats']['application/xml']); + // rate limiter здесь не применяется + unset($parentBehaviors['rateLimiter']); return $parentBehaviors; } diff --git a/api/controllers/OauthController.php b/api/controllers/OauthController.php index c730cf1..0e57144 100644 --- a/api/controllers/OauthController.php +++ b/api/controllers/OauthController.php @@ -14,13 +14,17 @@ use yii\helpers\ArrayHelper; class OauthController extends Controller { public function behaviors() { - return array_merge(parent::behaviors(), [ + return ArrayHelper::merge(parent::behaviors(), [ + 'authenticator' => [ + 'except' => ['validate', 'issue-token'], + ], 'access' => [ 'class' => AccessControl::class, 'rules' => [ [ 'actions' => ['validate', 'issue-token'], 'allow' => true, + 'roles' => ['?'], ], [ 'actions' => ['complete'], diff --git a/api/controllers/SignupController.php b/api/controllers/SignupController.php index bc0191b..5c0cc8c 100644 --- a/api/controllers/SignupController.php +++ b/api/controllers/SignupController.php @@ -5,11 +5,15 @@ use api\models\ConfirmEmailForm; use api\models\RegistrationForm; use Yii; use yii\filters\AccessControl; +use yii\helpers\ArrayHelper; class SignupController extends Controller { public function behaviors() { - return array_merge(parent::behaviors(), [ + return ArrayHelper::merge(parent::behaviors(), [ + 'authenticator' => [ + 'except' => ['register', 'confirm'], + ], 'access' => [ 'class' => AccessControl::class, 'rules' => [ diff --git a/tests/codeception/api/functional/_steps/AccountSteps.php b/tests/codeception/api/functional/_steps/AccountSteps.php index 2b9f618..fc102b7 100644 
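Review bot: Nothing visible in the new code throttles requests once `unset($parentBehaviors['rateLimiter']);` removes the filter in the base `behaviors()`, and every API controller inherits that, including the `login`, `register`, `confirm` and `issue-token` actions that this commit leaves reachable without a token. Yii's stock RateLimiter only acts when the identity implements RateLimitInterface, so the practical loss may be nil, but the comment should say where brute-force and signup throttling is enforced instead, e.g. `// rate limiting is enforced by <PLACEHOLDER: component or proxy>, not by the Yii filter`. Separately, HttpBearerAuth only passes the bearer string to the identity class's `findIdentityByAccessToken()`, which is not part of this patch; the JWT signature, expiry and algorithm checks presumably live there and are worth confirming before relying on this filter.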
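Review bot: `'roles' => ['?']` on the `validate` / `issue-token` rule in OauthController makes these actions guest-only rather than open to everyone, and it only works because the same actions are listed in the authenticator's `except`, so no identity is ever established for them. If `except` is later replaced by `optional`, or an identity arrives by another route such as a session, a client that presents a valid token would be refused here. If guest-only is intended, a short comment such as `// guest-only on purpose: these actions never see a user identity` would record that; otherwise dropping the `roles` key keeps the previous allow-all behaviour for these two actions. The `complete` rule continues outside the hunk.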
--- a/tests/codeception/api/functional/_steps/AccountSteps.php +++ b/tests/codeception/api/functional/_steps/AccountSteps.php @@ -11,6 +11,9 @@ class AccountSteps extends FunctionalTester { $route = new LoginRoute($I); $route->login('Admin', 'password_0'); $I->canSeeResponseIsJson(); + $I->canSeeResponseJsonMatchesJsonPath('$.jwt'); + $jwt = $I->grabDataFromResponseByJsonPath('$.jwt')[0]; + $I->amBearerAuthenticated($jwt); } }
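Review bot: `canSeeResponseJsonMatchesJsonPath('$.jwt')` is a conditional assertion in Codeception, so when the login response carries no token the step carries on and the `[0]` index on the next line fails with an undefined-offset error instead of a clear assertion message; `$I->seeResponseJsonMatchesJsonPath('$.jwt');` would stop the step at the real cause. The helper also covers only the success path: nothing in this patch checks that a protected endpoint answers 401 for a missing, malformed or expired token, which is the behaviour the new authenticator exists to enforce. The method containing these lines starts outside the hunk.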