Yii2 Invalid Configuration, cookieValidationKey must be configured with a secret key error when accessing the API

2020-02-13 php yii2 composer-php yii2-advanced-app

I am encountering an error whenever I am trying to access my self written API.

{ "name": "Invalid Configuration", "message": "yii\web\Request::cookieValidationKey must be configured with a secret key.", "code": 0, "type": "yii\base\InvalidConfigException", "file": "F:\xampp\htdocs\inventory-web\vendor\yiisoft\yii2\web\Request.php", "line": 1669, "stack-trace": [ "#0 F:\xampp\htdocs\inventory-web\vendor\yiisoft\yii2\web\Request.php(1651): yii\web\Request->loadCookies()", "#1 F:\xampp\htdocs\inventory-web\vendor\yiisoft\yii2\web\Request.php(1739): yii\web\Request->getCookies()", "#2 F:\xampp\htdocs\inventory-web\vendor\yiisoft\yii2\web\Request.php(1721): yii\web\Request->loadCsrfToken()", "#3 F:\xampp\htdocs\inventory-web\vendor\yiisoft\yii2\web\User.php(279): yii\web\Request->getCsrfToken(true)", "#4 F:\xampp\htdocs\inventory-web\vendor\yiisoft\yii2\web\User.php(261): yii\web\User->regenerateCsrfToken()", "#5 F:\xampp\htdocs\inventory-web\vendor\yiisoft\yii2\web\User.php(299): yii\web\User->login(Object(common\models\User))", "#6 F:\xampp\htdocs\inventory-web\vendor\yiisoft\yii2\filters\auth\HttpHeaderAuth.php(62): yii\web\User->loginByAccessToken('aa9d0c9e05a7f35...', 'yii\\filters\\aut...')", "#7 F:\xampp\htdocs\inventory-web\vendor\yiisoft\yii2\filters\auth\AuthMethod.php(59): yii\filters\auth\HttpHeaderAuth->authenticate(Object(yii\web\User), Object(yii\web\Request), Object(yii\web\Response))", "#8 F:\xampp\htdocs\inventory-web\vendor\yiisoft\yii2\base\ActionFilter.php(77): yii\filters\auth\AuthMethod->beforeAction(Object(yii\base\InlineAction))", "#9 [internal function]: yii\base\ActionFilter->beforeFilter(Object(yii\base\ActionEvent))", "#10 F:\xampp\htdocs\inventory-web\vendor\yiisoft\yii2\base\Component.php(627): call_user_func(Array, Object(yii\base\ActionEvent))", "#11 F:\xampp\htdocs\inventory-web\vendor\yiisoft\yii2\base\Controller.php(276): yii\base\Component->trigger('beforeAction', Object(yii\base\ActionEvent))", "#12 F:\xampp\htdocs\inventory-web\vendor\yiisoft\yii2\web\Controller.php(185): yii\base\Controller->beforeAction(Object(yii\base\InlineAction))", "#13 F:\xampp\htdocs\inventory-web\vendor\yiisoft\yii2\base\Controller.php(155): yii\web\Controller->beforeAction(Object(yii\base\InlineAction))", "#14 F:\xampp\htdocs\inventory-web\vendor\yiisoft\yii2\base\Module.php(528): yii\base\Controller->runAction('refdatajson', Array)", "#15 F:\xampp\htdocs\inventory-web\vendor\yiisoft\yii2\web\Application.php(103): yii\base\Module->runAction('v1/survey/refda...', Array)", "#16 F:\xampp\htdocs\inventory-web\vendor\yiisoft\yii2\base\Application.php(386): yii\web\Application->handleRequest(Object(yii\web\Request))", "#17 F:\xampp\htdocs\inventory-web\api\web\index.php(35): yii\base\Application->run()", "#18 {main}" ] }

I have looked at this problem in detail and tried this solution in my config/main.php

$params = array_merge(
    require(__DIR__ . '/../../common/config/params.php'),
    require(__DIR__ . '/../../common/config/params-local.php'),
    require(__DIR__ . '/params.php'),
    require(__DIR__ . '/params-local.php'),
    require(__DIR__ .'/main-local.php')
);
'components' => [
        'request' => [

            'enableCookieValidation' => false,
            'enableCsrfValidation' => false,

        ],    


'request' => [

'enableCookieValidation' => false,// also set it to true

'enableCsrfValidation' => false, // also set it to true
],

In /config/main-local.php I have following

'components' => [
    'request' => [
        // !!! insert a secret key in the following (if it is empty) - this is required by cookie validation
        'cookieValidationKey' => 'someRandomKey', 

    ],
],

It's not working for me. Any help would be highly appreciated.

Answers

Remove the request component from the common/config/main-local.php and just keep it into the frontend/config/main-local.php.

Then add the following in your api/config/main.php under components to turn off cookie validation for the API.

 'components' => [
        'request' => [
            'enableCookieValidation' => false,
            'enableCsrfValidation' => false,
        ],

Related