Refactored auth methods.

framework/rest/HttpBasicAuth.php

@@ -0,0 +1,50 @@
+<?php
+/**
+ * @link http://www.yiiframework.com/
+ * @copyright Copyright (c) 2008 Yii Software LLC
+ * @license http://www.yiiframework.com/license/
+ */
+
+namespace yii\rest;
+
+use Yii;
+use yii\base\Component;
+use yii\web\UnauthorizedHttpException;
+
+/**
+ * HttpBasicAuth implements the HTTP Basic authentication method.
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @since 2.0
+ */
+class HttpBasicAuth extends Component implements AuthInterface
+{
+	/**
+	 * @var string the HTTP authentication realm
+	 */
+	public $realm = 'api';
+
+	/**
+	 * @inheritdoc
+	 */
+	public function authenticate($user, $request, $response)
+	{
+		if (($accessToken = $request->getAuthUser()) !== null) {
+			$identity = $user->loginByAccessToken($accessToken);
+			if ($identity !== null) {
+				return $identity;
+			}
+			$this->handleFailure($response);
+		}
+		return null;
+	}
+
+	/**
+	 * @inheritdoc
+	 */
+	public function handleFailure($response)
+	{
+		$response->getHeaders()->set('WWW-Authenticate', "Basic realm=\"{$this->realm}\"");
+		throw new UnauthorizedHttpException('You are requesting with an invalid access token.');
+	}
+}