Yii2 global filter/behavior to force user to authenticate first
Ok, so I had to add the following code below 'components' => [...]
'as beforeRequest' => [ 'class' => 'yii\filters\AccessControl', 'rules' => [ [ 'actions' => ['login', 'error'], 'allow' => true, ], [ 'allow' => true, 'roles' => ['@'], ], ],],
Read more about the format: http://www.yiiframework.com/doc-2.0/guide-concept-configurations.html#configuration-format
I'm actually not versed into Yii2 (but very much so into Yii1).
One solution that can be employed in Yii1 and I guess also in Yii2 is having a filter method in a master Controller class. Typically a single controller serves as a master controller. If you don't have one, create it and everyone should extend it. You can implement this probably not as a filter but in other methods of this 'master controller' (init() ?)If all activity is going through controller class then you're set.