<?php
public function behaviors()
{
$behaviors = parent::behaviors();
unset($behaviors['authenticator']);
$behaviors['corsFilter'] = [
'class' => \yii\filters\Cors::className(),
'cors' => [
// restrict access to domains:
'Origin' => ['*'],
'Access-Control-Request-Method' => ['POST', 'GET'],
'Access-Control-Allow-Credentials' => true,
'Access-Control-Request-Headers' => ['*'],
'Access-Control-Max-Age' => 3600, // Cache (seconds)
],
];
$behaviors['authenticator'] = [
'class' => CompositeAuth::className(),
'authMethods' => [
HttpBasicAuth::className(),
HttpBearerAuth::className(),
],
'except' => ['index', 'view'],
];
return $behaviors;
}