How to improve authorization Yii2?

I have done admin panel as a module. As a form of authorization took a standard with Yii. But what is all the juice

If I go to the admin panel http://localhost/basic/web/index.php?r=admin

Yes, it requires a username and password if auth_key is not and cookies.

And only after authorization let go.

But I decided to check, and if I'm not logged as admin , I'm out of cookies and auth_key is empty will drop you on the way

http://localhost/basic/web/index.php?r=admin/vacancies/index


And voila, it found. Te from my protection sign-encrypt passwords avail 0) PS CNC are not yet set as he is in big trouble.

Tell me how can apnut admin area, so you can't go to the pages admin panel if you are not authorized
June 7th 19 at 14:38
1 answer
June 7th 19 at 14:40
Solution
I'll try to paszamant, in order to close the access of unauthorized. - Lizzie21 commented on June 7th 19 at 14:43
Added to the Module class rules
public function behaviors()
{
 return [
 'access' => [
 'class' => AccessControl::className(),
 'rules' => [
[
 'allow' => true,
 'roles' => ['@'],
],
],
],
];
 }


And all if admin is not logged in, throws on authorization - Lizzie21 commented on June 7th 19 at 14:46

Find more questions by tags Yii