Исправлена логика авторизации, чтобы не требовать отсутствия Bearer токена для случаев, когда авторизация не требуется

2025-02-03 17:30:02 +05:30 · 2017-04-04 14:59:23 +03:00 · 2017-04-04 14:59:23 +03:00 · db1d41449c
commit db1d41449c
parent 667c034aca
3 changed files with 2 additions and 61 deletions
--- a/api/components/User/Component.php
+++ b/api/components/User/Component.php
@ -24,6 +24,7 @@ use yii\web\User as YiiUserComponent;
 * @property AccountIdentity|null $identity
 *
 * @method AccountIdentity|null loginByAccessToken($token, $type = null)
 * @method AccountIdentity|null getIdentity($autoRenew = true)
 */
 class Component extends YiiUserComponent {
@ -44,8 +45,6 @@ class Component extends YiiUserComponent {
    public $sessionTimeout = 'P7D';
    private $_identity;
    public function init() {
        parent::init();
        if (!$this->secret) {
@ -53,24 +52,6 @@ class Component extends YiiUserComponent {
        }
    }
    /**
     * @param bool $autoRenew
     * @return null|AccountIdentity
     */
    public function getIdentity($autoRenew = true) {
        $result = parent::getIdentity($autoRenew);
        if ($result === null && $this->_identity !== false) {
            $bearer = $this->getBearerToken();
            if ($bearer !== null) {
                $result = $this->loginByAccessToken($bearer);
            }
            $this->_identity = $result ?: false;
        }
        return $result;
    }
    /**
     * @param IdentityInterface $identity
     * @param bool              $rememberMe
--- a/api/controllers/FeedbackController.php
+++ b/api/controllers/FeedbackController.php
@ -10,7 +10,7 @@ class FeedbackController extends Controller {
    public function behaviors() {
        return ArrayHelper::merge(parent::behaviors(), [
            'authenticator' => [
-                'except' => ['index'],
+                'optional' => ['index'],
            ],
        ]);
    }
--- a/tests/codeception/api/unit/components/User/ComponentTest.php
+++ b/tests/codeception/api/unit/components/User/ComponentTest.php
@ -41,46 +41,6 @@ class ComponentTest extends TestCase {
        ];
    }
    public function testGetIdentity() {
        $this->specify('getIdentity should return null, if not authorization header', function() {
            $this->mockAuthorizationHeader(null);
            $this->assertNull($this->component->getIdentity());
        });
        $this->specify('getIdentity should return null, if passed bearer token don\'t return any account', function() {
            $this->mockAuthorizationHeader('some-auth');
            /** @var Component|\PHPUnit_Framework_MockObject_MockObject $component */
            $component = $this->getMockBuilder(Component::class)
                ->setMethods(['loginByAccessToken'])
                ->setConstructorArgs([$this->getComponentArguments()])
                ->getMock();
            $component
                ->expects($this->once())
                ->method('loginByAccessToken')
                ->willReturn(null);
            $this->assertNull($component->getIdentity());
        });
        $this->specify('getIdentity should return identity from loginByAccessToken method', function() {
            $identity = new AccountIdentity();
            $this->mockAuthorizationHeader('some-auth');
            /** @var Component|\PHPUnit_Framework_MockObject_MockObject $component */
            $component = $this->getMockBuilder(Component::class)
                ->setMethods(['loginByAccessToken'])
                ->setConstructorArgs([$this->getComponentArguments()])
                ->getMock();
            $component
                ->expects($this->once())
                ->method('loginByAccessToken')
                ->willReturn($identity);
            $this->assertEquals($identity, $component->getIdentity());
        });
    }
    public function testLogin() {
        $this->mockRequest();
        $this->specify('success get LoginResult object without session value', function() {