Project on Yii2 . I connect Backbone.js scripts to a specific view. It turns out that the user is authorized through yii2, but the backbone does not know anything about the user. There is a separate API for this server.

So the question is : how on the side of Backbone understand which user is authorized on the site? I connect the backbone in the index [view] page and access the server API to get the data, but in fact I must pass in the request header the user ID

access_token

. How to be? How to get it without passing authorization through the backbone, and transfer it directly from the yii application?

    1 answer 1

    1. We always check on the server whether the user is authorized or not. In all APIs that require it.

    2. To check authorization on the client side, it is enough to give an object with the auth flag in the index.html template.

    Example

     <html> <head> <script> var settings = { auth: {{ User.authorized() }} }; </script> </head> <body></body> </html>

    Your server generates HTML, so it will put a flag. The string -> {{User.authorized ()}} is written as an example for the Twig template engine.

    And in bekbon you check

     if (settings.auth) { // Send request to server side }

    That's enough to fully cover your requirements.