Jump to content

androbey

Members
  • Posts

    63
  • Joined

  • Last visited

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

androbey's Achievements

Full Member

Full Member (4/6)

23

Reputation

  1. Hey @Sebi, thanks for looking into the issue. You are absolutley right, when specifying it as a GET parameter it works without issues. This is anyhow the better way. Thank you again 🙂
  2. Hi @Sebi, thank you for your response. That was the first thing I checked. For the API request I am using vanilla JS (fetch) and I'm using the encodeURIComponent() function. Also in network tab in dev tools I can see the request is transmitted as it should be according to RFC 3986. I would digg deeper, but I don't know where the status code gets injected for a (in fact) successful request.
  3. I am using AppAPI module for a project and it's amazing. Thanks @Sebi! However I encountered a (for me) very strange behaviour. I defined an endpoint for a search functionality (for use via ajax). //... //defined route in Router.php 'search' => [ ['GET', '{q}', Search::class, 'getSearchResults', ["auth" => true]], ], I call the endpoint via ajax (content type application/json). The "q" parameter is free text and uri encoded. Now, when "q" is a single word no problem occurs. However if "q" has a space like "my query" the response has a HTTP status code 404, although returning the correct results. So the route itself is working fine. I am not sure what causes this. Has anybody some clues? used versions: AppAPI 1.1.7, ProcessWire 3.0.184, Php 7.4
  4. Hi @Marcel, you can find the "AppAPI" config page with following schema: {{YOUR_DOMAIN_COM}}/{{ADMIN_PATH}}/{{SETUP_PATH}}/appapi/ For a "default" ProcessWire installation on "example.com" this would be: https://example.com/processwire/setup/appapi/ There you need to manage your applications. Then, in your Router.php file you need to define routes (=endpoints).
  5. Ok you try to bind the value to an element with id "map2", but you don't have an element with that id. Your input element probably needs that id: <input type="hidden" name="map2" id="map2">
  6. Hi @webhoes, it can be that I am overlooking something, but as far as I can see you don't have a "name" attribute called "update" in your button element. So your if statement never evaluates to true.
  7. Maybe that's what you are looking for: https://processwire.com/blog/posts/pw-3.0.137/#on-demand-mirroring-of-remote-web-server-files-to-your-dev-environment
  8. I still don't get why I am logged out of site2 when "force login" on site1, but replacing $site1->session->forceLogin($userSite1); //with following (replacement): $site1->session->setCurrentUser($userSite1); seems to have the desired effect without logging out the user on site2.
  9. Hi all, I have a special setup right now, which uses two ProcessWire instances with two different databases (no "multi-site" setup), let's call them site1 and site2. I want to access data from site1 on site2 through the multi-instance feature. It happens that some users of site2 may have an account on site1 as well and for them I store their user id on site2. Now I want to force login those users, when I want to use a page find function. This way I can still manage access to pages on site1. If I don't login those users on site1, no results are returned for access controlled pages, unless I add the check_access flag to 0 (which I want to avoid). So far so good. However, once I force login those users on site1 the user is logged out of site2 automatically (which means the user acctually cannot use the site). Both sites are running exact same versions (v 3.0.178) and have different sessions names. // on site2 $path = '/home/modules/www/site1'; // The root URL for the PW installation $url = 'http://examplesite1.com'; // Create a new ProcessWire instance $site1 = new ProcessWire($path, $url); //get user object from site1 -> "$userSite1" //force login user.. $site1->session->forceLogin($userSite1); $myPages = $site1->pages->find("template=my_access_controlled_template"); // pages are returned that $userSite1 has access to //at this stage currently logged-in $user of site2 is logged out I hope the problem is clear. Is there anything I can do to avoid the log out (without having to use check_access flag)?
  10. Hi all, I am once again seeking for help or at least some hints. I have the following "problem": I want to allow users to enable two-factor authentication from the frontend. So they should only be presented an option to enable TOTP (display QR code/secret and code input element) - no other profile edit related stuff is needed. I looked at the "TfaTotp" module class and I am not sure if one could use it in the frontend at all (as it seems to heavily rely on the user profile form in the backend). So my main question is: Is it possible to use this class for my usecase in the frontend without changing the code / duplicating it?
  11. @Adam Thank you! It works very well now. I also tried to include it on a front end login page (which does not use the Login/Register (pro) module). With the example in the Tfa class the authorization form was never called and I figured it was because the tfa token changed because tfa's success method was called without tfa being started yet. So the token was reset and hence mismatched with the token in the get variable. Using a new session variable did the trick. I thought I'd share this if anyone also comes across this. $tfa = new Tfa(); $tfaStarted = $session->get('tfa_started'); if ($tfaStarted && $tfa->success()) { //redirect to some page if logged in $session->redirect('/some/page'); } else if ($tfa->active()) { //only set this variable if $tfa->active() is true. That also means the auth form is rendered. $session->set('tfa_started', true); //echo the form somewhere in your HTML $tfaRender = $tfa->render(); } else if ($input->post('login_request')) { //get input name and password (also CSRF token...) $inputName = $input->post('user_name'); $inputPassword = $input->post('user_password'); $tfa->start($inputName, $inputPassword); $session->remove('tfa_started'); /* do regular login stuff here if user has no 2FA set up */ } else { // render login form if ($session->get('tfa_started')) { //remove session variable and reload page (otherwise $tfa->success() would be called) $session->remove('tfa_started'); $session->redirect($page->url); } } /* don't forget to include scripts in your HTML markup <script src="<?= $config->urls->siteModules ?>TfaU2F/u2f-api/u2f-api-polyfill.js"></script> <script src="<?= $config->urls->siteModules ?>TfaU2F/TfaU2F.js"></script> */
  12. Yeah, that is the strange part. I don't get this option to set up the key. I have self signed SSL set up locally. But result is the same with SSL turned off (no errors whatsoever). To check if something else is wrong with my setup I installed the TOTP module, which shows the option (with QR code) after changing and saving the user page.
  13. Hi @Adam, First of all, thank you for the module! I wanted to try it out myself now, but I can't get any further. I think I'm being a bit of a jerk, but I could use some help. I have downloaded the module and successfully installed it on a new ProcessWire installation. There are no other modules installed separately. When I change the 2FA type to U2F on a user no option to store a key comes up (no error in the console either). I tried it on a site with domain and TLS/https and on localhost. Do you have any idea what it could be? Do I have to configure something somewhere to make it work?
  14. Hi all, For one page template I want to track all changes made to pages with this template (ideally including repeater fields). However, I can't even track changes of simple text fields and I don't know why. It's important to note that I add and change pages via the API and not in the backend. For each page change I added: <?php // get the page $p $p->setTrackChanges(Wire::trackChangesValues); $p->setTrackChanges(true); //do changes to fields... $p->save(); I have a autoload module which hooks after Pages::saveReady. <?php /* get the page from the HookEvent $page->getChanges(true); returns always empty array $page->getChanges(); returns always empty array However on the same run checking a field explicitly ProcessWire recognizes that a field is changed: */ if ($page->isChanged('sample_field')) { //code in here is executed.. } Changing a field in ProcessWire backend "$page->getChanges(true)" does return an assoc array with changed fields, but the value is always null. Clearly I must do something wrong, but what is ist?
  15. @kongondo Wow, thank you for your effort! I would agree that user education is indeed a valid point, but also they sometimes don't behave like should do. Also giving the users some freedom is usually a good idea (if they do use the system as intended). @Robin S solution is of course really nice. Both solutions have some minor drawback for me (language page variants are disabled by default) and I thought it may be better to let the user edit the page name after all. That's why I changed Robin's solution to hide multi language title field on page creation: $this->addHookAfter('ProcessPageAdd::buildForm', function(HookEvent $event) { $restrictedTemplates = ['test-template']; $restrictedTemplatesIds = wire('templates')->find("name=". join('|', $restrictedTemplates))->explode('id'); $form = $event->return; $template = $form->template; if($template && in_array($template->value, $restrictedTemplatesIds)){ $form->title->useLanguages = false; $form->_pw_page_name->collapsed = Inputfield::collapsedYes; } }); This way I have the best of both aproaches (for me): Page has no multi language title, but page has nevertheless all languages enabled. Could probably be improved but it does its job for me. Thank you again!
×
×
  • Create New...