Php 我可以将验证器行为应用于某些操作吗？

我总是得到“您正在使用无效凭据进行请求”。但我需要一个公共端点，特别是“查看”操作，每个人都可以通过发送访问令牌来访问该操作，并使用令牌验证保留其他操作

这是我的Api控制器的一部分：

/**
 * @inheritdoc
 */
public function behaviors()
{
    return [
        'contentNegotiator' => [
            'class' => ContentNegotiator::className(),
            'formats' => [
                'application/json' => Response::FORMAT_JSON,
                //'application/xml' => Response::FORMAT_XML,
            ],
        ],
        'verbFilter' => [
            'class' => VerbFilter::className(),
            'actions' => $this->verbs(),
        ],
        'access' => [
            'class' => AccessControl::className(),
            'only' => ['view'],
            'rules' => [
                [
                    'actions' => ['view'],
                    'allow' => true,
                    'roles' => ['?'],
                ],
            ],
        ],
        'authenticator' => [
            'class' => CompositeAuth::className(),
            'authMethods' => [
                HttpBasicAuth::className(),
                HttpBearerAuth::className(),
                QueryParamAuth::className(),
            ],
        ],
        'rateLimiter' => [
            'class' => RateLimiter::className(),
        ],
    ];
}

我尝试使用：

'access' => [
     'class' => AccessControl::className(),
     'only' => ['view'],
     'rules' => [
         [
             'actions' => ['view'],
             'allow' => true,
             'roles' => ['?'],
         ],
    ],

],

---

但是验证器行为不允许我的查看操作是公共操作

我发现解决方案只是在验证器行为上使用了'only'或'Exception'键

'authenticator' => [
            'class' => CompositeAuth::className(),
            'except' => ['view'],
            'authMethods' => [
                HttpBasicAuth::className(),
                HttpBearerAuth::className(),
                QueryParamAuth::className(),
            ],
        ],

资料来源：

---

谢谢，好好休息吧；）

有两个属性可以绕过操作上的验证器 1.仅=>绕过已配置阵列中的其余操作 2.Exception=>bypass仅在阵列中配置

public function behaviors()
{
    $behaviors = parent::behaviors();
    $behaviors['authenticator'] = [
        'class' => CompositeAuth::className(),
        'except' => ['login', 'register','regenerate'],
        //'only'=>['index'],
        'authMethods' => [
            [
                'class' => HttpBasicAuth::className(),
                'auth' => function ($username, $password) {
                    $user = User::findByLogin($username);
                    return $user->validatePassword($password)
                        ? $user
                        : null;
                }
            ],
            HttpBearerAuth::className(),
            QueryParamAuth::className()
        ],
    ];
    return $behaviors;
}