yii2过滤器

过滤器是控制器动作执行之前或之后执行的对象。

示例

过滤器 common\components\ActionTimeFilter

<?php

namespace app\common\components;

use Yii;
use yii\base\ActionFilter;

class ActionTimeFilter extends ActionFilter
{
    private $_startTime;

    public function beforeAction($action)
    {
        $this->_startTime = microtime(true);
        return parent::beforeAction($action);
    }

    public function afterAction($action, $result)
    {
        $time = microtime(true) - $this->_startTime;
        Yii::info("Action '{$action->uniqueId}' spent $time second.");
        return parent::afterAction($action, $result);
    }
}

控制器里使用过滤器 controllers\TestController

<?php

namespace app\controllers;

class TestController extends \yii\base\Controller
{
    public function behaviors(){
        return [
            [
                'class' => 'app\common\components\ActionTimeFilter'
            ]
        ];
    }

    public function actionIndex(){

        return $this->render('index');
    }
}

访问 (runtime/logs/app.log)

http://www.yii2.com/test/index

访问控制 ACF

AccessControl提供基于yii\filters\AccessControl::rules规则的访问控制

public function behaviors(){
        return [
            'access' => [
                'class' => AccessControl::class,
                'rules' => [
                    [
                        // 当前rule将会针对这里设置的actions起作用，如果actions不设置，默认就是当前控制器的所有操作
                        'actions' => ['index', 'view', 'create', 'update', 'delete', 'signup'],
                        // 设置actions的操作是允许访问还是拒绝访问
                        'allow' => true,
                        // @ 当前规则针对认证过的用户; ? 所有方可均可访问
                        'roles' => ['@'],
                    ],
                    [
                        'actions' => ['index'],
                        'allow' => true,
                        // 设置只允许操作的action
                        'verbs' => ['POST'],
                    ],
                    [
                        'actions'=>['index'],
                        'matchCallback'=>function($rule,$action){
                            return Yii::$app->user->id == 1 ? true : false;
                        },
                        'allow'=>true
                    ]
                ],
            ]
        ];
    }

yii\filters\VerbFilter

VerbFilter检查请求动作的HTTP请求方式是否允许执行，如果不允许，会抛出HTTP 405异常

use yii\filters\VerbFilter;

public function behaviors()
{
    return [
        'verbs' => [
            'class' => VerbFilter::className(),
            'actions' => [
                'index'  => ['get'],
                'view'   => ['get'],
                'create' => ['get', 'post'],
                'update' => ['get', 'put', 'post'],
                'delete' => ['post', 'delete'],
            ],
        ],
    ];
}

yii\filters\CORS

跨域资源共享 CORS 机制允许一个网页的许多资源（例如字体、JavaScript等）这些资源可以通过其他域名访问获取

    public function behaviors()
    {
        return [
          'corsFilter' => [
              'class' => \yii\filters\Cors::class,
              'cors' => [
                  'Origin' => ['*'],
              ],

          ],
      ];
    }

HTTP 基本认证: \yii\filters\auth\HttpBasicAuth

public function behaviors()
{
    return [
        'basicAuth' => [
            'class' => \yii\filters\auth\HttpBasicAuth::class,
            'auth' => function ($username, $password) {
                $user = User::find()->where(['username' => $username])->one();
                if ($user->verifyPassword($password)) {
                    return $user;
                }
                return null;
            },
        ],
    ];
}

posted @ 2024-03-30 13:57 胡勇健阅读(215) 评论(0) 收藏举报

刷新页面返回顶部

天行子

yii2过滤器

yii2过滤器

示例

访问控制 ACF

yii\filters\VerbFilter

yii\filters\CORS

HTTP 基本认证: \yii\filters\auth\HttpBasicAuth