doc fix [skip ci]

22189b3b · Qiang Xue · 597e470c · 22189b3b
Commit 22189b3b authored Apr 06, 2014 by Qiang Xue
Hide whitespace changes
Inline Side-by-side

Showing with 28 additions and 14 deletions

rest.md docs/guide/rest.md +28 -14

No files found.
--- a/docs/guide/rest.md
+++ b/docs/guide/rest.md
@@ -607,39 +607,49 @@ To enable authentication for your APIs, do the following two steps:
   in your REST controller classes.
 2. Implement [[yii\web\IdentityInterface::findIdentityByAccessToken()]] in your [[yii\web\User::identityClass|user identity class]].

-For example, to enable all three authentication methods explained above, you can configure `authenticator` like following,
+
+For example, to use HTTP Basic Auth, you may configure `authenticator` as follows,

 ```php
+use yii\helpers\ArrayHelper;
+use yii\filters\auth\HttpBasicAuth;
+
 public function behaviors()
 {
-    return array_merge(parent::behaviors(), [
+    return ArrayHelper::merge(parent::behaviors(), [
        'authenticator' => [
-            'authMethods' => [
-                \yii\filters\auth\HttpBasicAuth::className(),
-                \yii\filters\auth\QueryParamAuth::className(),
-                \yii\filters\auth\HttpBearerAuth::className(),
-            ],
+            'class' => HttpBasicAuth::className(),
        ],
    ]);
 }
 ```

-Each element in `authMethods` should be an auth method class name or a configuration array. An auth class
-must implement [[yii\rest\AuthInterface]].
-
-If you only want to a single authentication method, such as HTTP Basic Auth, you may use the following code:
+If you want to support all three authentication methods explained above, you can use `CompositeAuth` like the following,

 ```php
+use yii\helpers\ArrayHelper;
+use yii\filters\auth\CompositeAuth;
+use yii\filters\auth\HttpBasicAuth;
+use yii\filters\auth\HttpBearerAuth;
+use yii\filters\auth\QueryParamAuth;
+
 public function behaviors()
 {
-    return array_merge(parent::behaviors(), [
+    return ArrayHelper::merge(parent::behaviors(), [
        'authenticator' => [
-            'class' => \yii\filters\auth\HttpBasicAuth::className(),
+            'class' => CompositeAuth::className(),
+            'authMethods' => [
+                HttpBasicAuth::className(),
+                HttpBearerAuth::className(),
+                QueryParamAuth::className(),
+            ],
        ],
    ]);
 }
 ```

+Each element in `authMethods` should be an auth method class name or a configuration array.
+

 Implementation of `findIdentityByAccessToken()` is application specific. For example, in simple scenarios
 when each user can only have one access token, you may store the access token in an `access_token` column
@@ -727,10 +737,14 @@ will thrown a [[yii\web\TooManyRequestsHttpException]] if rate limit is exceeded
 as follows in your REST controller classes,

 ```php
+use yii\helpers\ArrayHelper;
+use yii\filters\RateLimiter;
+
 public function behaviors()
 {
-    return array_merge(parent::behaviors(), [
+    return ArrayHelper::merge(parent::behaviors(), [
        'rateLimiter' => [
+            'class' => RateLimiter::className(),
            'enableRateLimitHeaders' => false,
        ],
    ]);