IdentityInterface
in
IdentityInterface is the interface that should be implemented by a class providing identity information.
This interface can typically be implemented by a user model class. For example, the following code shows how to implement this interface by a User ActiveRecord class:
class User extends ActiveRecord implements IdentityInterface
{
public static function findIdentity($id)
{
return static::findOne($id);
}
public static function findIdentityByAccessToken($token, $type = null)
{
return static::findOne(['access_token' => $token]);
}
public function getId()
{
return $this->id;
}
public function getAuthKey()
{
return $this->authKey;
}
public function validateAuthKey($authKey)
{
return $this->authKey === $authKey;
}
}
In some situations not all of these methods are required to be implemented. For example, if your application is a pure stateless RESTful application, you would only need to implement [[yii\web\IdentityInterface::findIdentityByAccessToken()|findIdentityByAccessToken()]] and [[yii\web\IdentityInterface::getId()|getId()]] while leaving all other methods with an empty body. Or if your application uses session only authentication, you would need to implement all the methods except [[yii\web\IdentityInterface::findIdentityByAccessToken()|findIdentityByAccessToken()]].
Tags
Table of Contents
Methods
- findIdentity() : IdentityInterface|null
- Finds an identity by the given ID.
- findIdentityByAccessToken() : IdentityInterface|null
- Finds an identity by the given token.
- getAuthKey() : string|null
- Returns a key that can be used to check the validity of a given identity ID.
- getId() : string|int
- Returns an ID that can uniquely identify a user identity.
- validateAuthKey() : bool|null
- Validates the given auth key.
Methods
findIdentity()
Finds an identity by the given ID.
public
static findIdentity(string|int $id) : IdentityInterface|null
Parameters
- $id : string|int
-
the ID to be looked for
Return values
IdentityInterface|null —the identity object that matches the given ID. Null should be returned if such an identity cannot be found or the identity is not in an active state (disabled, deleted, etc.)
findIdentityByAccessToken()
Finds an identity by the given token.
public
static findIdentityByAccessToken(mixed $token[, mixed $type = null ]) : IdentityInterface|null
Parameters
- $token : mixed
-
the token to be looked for
- $type : mixed = null
-
the type of the token. The value of this parameter depends on the implementation. For example, [[\yii\filters\auth\HttpBearerAuth]] will set this parameter to be
yii\filters\auth\HttpBearerAuth.
Return values
IdentityInterface|null —the identity object that matches the given token. Null should be returned if such an identity cannot be found or the identity is not in an active state (disabled, deleted, etc.)
getAuthKey()
Returns a key that can be used to check the validity of a given identity ID.
public
getAuthKey() : string|null
The key should be unique for each individual user, and should be persistent so that it can be used to check the validity of the user identity.
The space of such keys should be big enough to defeat potential identity attacks.
The returned key is used to validate session and auto-login (if [[User::enableAutoLogin]] is enabled).
Make sure to invalidate earlier issued authKeys when you implement force user logout, password change and other scenarios, that require forceful access revocation for old sessions.
Tags
Return values
string|null —a key that is used to check the validity of a given identity ID.
getId()
Returns an ID that can uniquely identify a user identity.
public
getId() : string|int
Return values
string|int —an ID that uniquely identifies a user identity.
validateAuthKey()
Validates the given auth key.
public
validateAuthKey(string $authKey) : bool|null
Parameters
- $authKey : string
-
the given auth key
Tags
Return values
bool|null —whether the given auth key is valid.