Untitled

<?php

namespace edesarrollos\auth;

use yii\web\IdentityInterface;
use yii\web\Request;
use yii\web\Response;
use yii\web\UnauthorizedHttpException;

class Auth extends \yii\filters\auth\AuthMethod {

  public $realm = "api";

  /**
   * Authenticates the current user.
   * @param Usuario $user
   * @param Request $request
   * @param Response $response
   * @return IdentityInterface the authenticated user identity. If authentication information is not provided, null will be returned.
   * @throws UnauthorizedHttpException if authentication information is provided but is invalid.
   */
  public function authenticate($user, $request, $response) {
    $master = $request->getHeaders()->get('X-Ede-User');
    $secret = $request->getHeaders()->get('X-Ede-Pass');
    if($master !== null && $secret !== null) {
      $identity = $user->loginByMasterAndSecret($master, $secret);
      if($identity === null) {
        $this->handleFailure($response);
      }
      return $identity;
    }

    return null;
  }

  public function challenge($response) {
    $response->getHeaders()->set('WWW-Authenticate', "Bearer realm=\"{$this->realm}\"");
  }
}