Content of the «Security» section:
- Security Overview
- Working with Passwords
- Auth Clients
- Best Practices
Articles section «Security»:
Authorization in Yii is the process of verifying that a user has enough permission to do something. Yii 2 provides two authorization methods: Access Control Filter (ACF) and Role-Based Access Control (RBAC).
Authentication in Yii 2 is the process of verifying the identity of a user. It usually uses an identifier (username or an email address) and a secret token (a password or an access token) to judge if the user is the one whom he claims as. Yii provides an authentication framework.