Implementing an RESTful API Authentication using tokens (Yii/Yii2)

Question

I am building an API in Yii 1.x which will be used with a mobile application. Part of the process involves a login (with a username and password) using the following JSON reques

Answer 1

By this time probably you switched to Yii2, and for future reference, the cleanest solution would be to use included classes for RESTful APIs, or one can implement them in any framework.

Source: HttpBearerAuth.php

The advantages are explained fully in this article, but to summarise, it's better to use your solution with request headers, since GET parameters might be saved in logs and Basic Auth password can be easily intercepted if you don't use SSL (you should!)