From 6cd7af5fd01d0a310fc7ba1e66d2a6cebfb8df59 Mon Sep 17 00:00:00 2001
From: Roland Schneider <rschneider@ucs.at>
Date: Tue, 28 Sep 2021 20:53:50 +0200
Subject: [PATCH] bug fixing

---
 customerapi/controllers/LoginController.php | 17 +++--------------
 customerapi/controllers/RestController.php  | 15 ---------------
 2 files changed, 3 insertions(+), 29 deletions(-)

diff --git a/customerapi/controllers/LoginController.php b/customerapi/controllers/LoginController.php
index 5d1f6dd..6e7f750 100644
--- a/customerapi/controllers/LoginController.php
+++ b/customerapi/controllers/LoginController.php
@@ -18,23 +18,12 @@ use yii\web\UnauthorizedHttpException;
 
 /** @noinspection PhpUnused */
 
-class LoginController extends Controller
+class LoginController extends RestController
 {
 
-    public function behaviors()
+    protected function getOptionalActions()
     {
-        $behaviors = parent::behaviors();
-
-        $behaviors['corsFilter'] = [
-              'class' => CorsCustom::class,
-              'cors' => [
-                  // restrict access to
-                  'Origin' => ['https://botondfitness.hu'],
-                  // Allow credentials (cookies, authorization headers, etc.) to be exposed to the browser
-                  'Access-Control-Allow-Credentials' => true,
-              ]
-        ];
-        return $behaviors;
+        return ['login'];
     }
 
     /**
diff --git a/customerapi/controllers/RestController.php b/customerapi/controllers/RestController.php
index 41dd5ff..e3faf1a 100644
--- a/customerapi/controllers/RestController.php
+++ b/customerapi/controllers/RestController.php
@@ -20,26 +20,11 @@ class RestController extends Controller
     {
         $behaviors = parent::behaviors();
 
-        $auth = $behaviors['authenticator'];
-        unset($behaviors['authenticator']);
-
-        $behaviors['corsFilter'] = [
-            'class' => Cors::class,
-            'cors'  => [
-            'Origin' => ['https://botondfitness.hu'],
-                'Access-Control-Request-Method'    => ['POST', 'GET', 'OPTIONS'],
-                'Access-Control-Allow-Headers' =>  ['*'],
-                'Access-Control-Expose-Headers' => ['*']
-            ],
-        ];
-
-        $behaviors['authenticator'] = $auth;
         $behaviors['authenticator'] = [
             'class' => JwtHttpBearerAuth::class,
             'auth' => [$this, 'auth'],
             'optional' => $this->getOptionalActions(),
         ];
-        $behaviors['authenticator']['except'] = ['options'];
 
         return $behaviors;
     }