added disabling of loginUrl to the REST guide

issue #4198

added disabling of loginUrl to the REST guide
224fe12f · Carsten Brandt · 655dcba0 · 224fe12f
Commit 224fe12f authored Oct 30, 2014 by Carsten Brandt
Show whitespace changes
Inline Side-by-side

Showing with 4 additions and 2 deletions

rest-authentication.md docs/guide/rest-authentication.md +4 -2

No files found.
--- a/docs/guide/rest-authentication.md
+++ b/docs/guide/rest-authentication.md
@@ -25,7 +25,9 @@ Yii supports all of the above authentication methods. You can also easily create
 To enable authentication for your APIs, do the following steps:
-1. Configure the [[yii\web\User::enableSession|enableSession]] property of the `user` application component to be false.
+1. Configure the `user` application component:
+   - Set the [[yii\web\User::enableSession|enableSession]] property to be `false`.
+   - Set the [[yii\web\User::loginUrl|loginUrl]] property to be `null` to show a HTTP 403 error instead of redirecting to the login page. 
 2. Specify which authentication methods you plan to use by configuring the `authenticator` behavior
   in your REST controller classes.
 3. Implement [[yii\web\IdentityInterface::findIdentityByAccessToken()]] in your [[yii\web\User::identityClass|user identity class]].
@@ -45,7 +47,7 @@ public function init()
 }
 ```
-For example, to use HTTP Basic Auth, you may configure `authenticator` as follows,
+For example, to use HTTP Basic Auth, you may configure the `authenticator` behavior as follows,
 ```php
 use yii\filters\auth\HttpBasicAuth;