razonyang / yii2-app-template

app/Http/Api/Backend/Form/LoginForm.php

<?php
namespace App\Http\Api\Backend\Form;

use App\Factory\SessionFactory;
use App\Http\Form\LoginForm as BaseLoginForm;
use Yii;

class LoginForm extends BaseLoginForm
{
    /**
     * Logs in a user using the provided username and password.
     *
     * @return bool whether the user is logged in successfully
     */
    protected function handleInternal()
    {
        $transaction = Yii::$app->getDb()->beginTransaction();
        try {
            $user = $this->getUser();

            $session = SessionFactory::create(
                $user->id,
                Yii::$app->params['user.session.duration'],
                Yii::$app->params['user.session.refreshTokenDuration'],
                Yii::$app->getRequest()

It seems like Yii::app->getRequest() can also be of type yii\console\Request; however, parameter $request of App\Factory\SessionFactory::create() does only seem to accept yii\web\Request, maybe add an additional type check?

            );
            if (!$session->save()) {
                Yii::error($session->getErrors(), __METHOD__);
                throw new \RuntimeException('Unable to save session' . \yii\helpers\VarDumper::dumpAsString($session->getErrors()));
            }

            Yii::$app->user->login($user, $this->rememberMe ? 3600 * 24 * 30 : 0);

It seems like $user can also be of type null; however, parameter $identity of yii\web\User::login() does only seem to accept yii\web\IdentityInterface, maybe add an additional type check?

The method login() does not exist on null.

            $transaction->commit();

            return [

The expression return array('id' => $user->id, 'username' => $user->username, 'email' => $user->email, 'token' => $session->token, 'expires_in' => $session->getExpiresIn(), 'refresh_token' => $session->refresh_token, 'refresh_token_expire_in' => $session->getRefreshTokenExpiresIn()) returns the type array<string,integer|string> which is incompatible with the documented return type boolean.

                'id' => $user->id,
                'username' => $user->username,
                'email' => $user->email,
                'token' => $session->token,
                'expires_in' => $session->getExpiresIn(),
                'refresh_token' => $session->refresh_token,
                'refresh_token_expire_in' => $session->getRefreshTokenExpiresIn(),
            ];
        } catch (\Throwable $e) {
            $transaction->rollBack();
            throw $e;
        }
    }
}