Yii2 global filter/behavior to force user to authenticate first

Jap Mul picture Jap Mul · Sep 23, 2014 · Viewed 11.3k times · Source

In my Yii2 application I'm trying to force all users to be authenticated. If they're not already authenticated they should be redirected to the login page.

In Yii1 I did this by creating a class that would check if a user was logged in and attaching that class to the onBeginRequest behavior in my main config file.

// Yii 1
'behaviors' => array(
    'onBeginRequest' => array(
        'class' => 'application.components.RequireLogin',
    )
),

How can I get the same behavior in Yii2? I know I can use behavior to do this, but I wan't to add this behavior to my main config file so all requests are first checked for authentication.

The working behaviors method looks like this:

// Yii2
public function behaviors() {
    return [
        'access' => [
            'class' => AccessControl::className(),
            'rules' => [
                [
                    'actions' => ['login', 'error'],
                    'allow' => true,
                ],
                [
                    'allow' => true,
                    'roles' => ['@'],
                ],
            ],
        ],
    ];
}

Answer

Jap Mul picture Jap Mul · Sep 23, 2014

Ok, so I had to add the following code below 'components' => [...]

 'as beforeRequest' => [
    'class' => 'yii\filters\AccessControl',
    'rules' => [
        [
            'actions' => ['login', 'error'],
            'allow' => true,
        ],
        [

            'allow' => true,
            'roles' => ['@'],
        ],
    ],
],

Read more about the format: http://www.yiiframework.com/doc-2.0/guide-concept-configurations.html#configuration-format