ikaras
commented
9 years ago Hi! You're completely right! I missed that. Your solution is good, but it destroys all encapsulation over Storage - in future I plan use redis or mongo for saving oauth data. So, I've found another solution: https://github.com/ikaras/yii2-oauth2-rest-template/pull/2. I've tested it and saw that code for getting token data executes only once. You can take a look before I'll merge it, probably, You will have any questions/improvements.
Thank you for interesting to this repository! I'm newbie in open source contribution, but I think you can made fixes and create pull requests for reviewing (there we can discuss solutions and quick make changes) - or, first, I need to add You as contributor?
Hey, I've seen Your User::findIdentityByAccessToken(...) method and I don't think You should use the module like that, I mean, that code You call is already called before You enter findIdentityByAccessToken() method, so You are already authorized if You get there. I've thought of using an activeRecord call to the model containing my token (I already have the token as a param) so my implementation of the method is like this:
use filsh\yii2\oauth2server\models\OauthAccessTokens;
public static function findIdentityByAccessToken($token, $type = null) { $oauthToken = OauthAccessTokens::findOne(['access_token' => $token]); if ($oauthToken !== null) { return static::findIdentity($oauthToken->user_id); } return null; }
That gives me the userId I want and I don't have to repeat the whole authentication. I'm not really sure if that is the proper approach. For one I wouldn't want to access the model declared in a module explicitly. Sorry for the long rant ;)