Jump to content

Recommended Posts

Thank you for the profile. 

I'm trying to move client vue part to another domain. In order to do that, i had to make a few modifications:

 

to Auth.php:

public static function preflight() 
{
	return "OK";
}

to Router.php:

header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Headers: Authorization, Content-Type');
.
.
  $r->addGroup('/auth', function (\FastRoute\RouteCollector $r)
  {
    $r->addRoute('OPTIONS', '', Auth::class . '@preflight');
.
.
  $r->addGroup('/test', function (\FastRoute\RouteCollector $r)
  {
    $r->addRoute('OPTIONS', '', Auth::class . '@preflight');

and change  axios.defaults.baseURL

but after login it stays as "guest" (User logged in: guest)

It seems that it's impossible to use session (wire('session')->login) in that situation.

 

Could you advice how to pass and re-use, for example, user ID, bypassing processwire session (may be through encoding it with JWT)?

 

Nikolay

 

 

 

Link to post
Share on other sites
On 9/6/2018 at 9:30 AM, nicolant said:

 It seems that it's impossible to use session (wire('session')->login) in that situation. 

while the wire('session')->login() should work for this request, it is likely the session is already destroyed on the next one. For this case it might be feasible to store the user id in the jwt payload (like you suggested). Since I'm going to have this case in an upcoming project, I gave it a try this morning. Please check the following commit for the changes I did: https://github.com/thomasaull/RestApiProfile-Src/commit/2dbdc79aa952bece6926dbee896de0a4f434bb6a

I didn't test it with different domains though, so I'd be thankful if you could report back if it works for you! 🙂

Link to post
Share on other sites

Hallo, I wanted to test this site profile and cloned PW 3.0.98 from git. Then cloned the site profile repo and installed PW without any issues. I issued the 2 composer commands to install dependencies.

Environment: Apache with PHP 7.0.29 FPM/FastCGI.

When I try to access api/test, I get the following error

Screenshot_2018-09-08_12-05-43.thumb.png.b6d56abe13abbda1b3c51a78fd7b55a4.png 

Looks like a namespace issue. I didn't change namespaces on any of the files included in the profile. My config.php is not namespaced.

Does anyone have an idea how I can overcome this?

EDIT: apache_request headers became available under FastCGI since 5.4.0 according to http://php.net/manual/en/function.apache-request-headers.php 
EDIT2: After some more investigation I found https://bugs.php.net/bug.php?id=70025. So it seems apache_request_headers is still not supported in PHP 7.0 FPM/CGI environment.
I added templates/inc/functions.php with contents of https://gist.github.com/rmpel/11583cfddfcc9705578428e3a2ee3dc1 and added require "{$config->paths->templates}inc/functions.php"; to api.php
This solved the problem :)-
 

Link to post
Share on other sites
On 9/7/2018 at 12:42 PM, thomasaull said:

while the wire('session')->login() should work for this request, it is likely the session is already destroyed on the next one. For this case it might be feasible to store the user id in the jwt payload (like you suggested). Since I'm going to have this case in an upcoming project, I gave it a try this morning. Please check the following commit for the changes I did: https://github.com/thomasaull/RestApiProfile-Src/commit/2dbdc79aa952bece6926dbee896de0a4f434bb6a

I didn't test it with different domains though, so I'd be thankful if you could report back if it works for you! 🙂

It remembers userId after login, but not on next reload of content, when   if(wire('user')->isGuest())  in Auth.php returns true.

Instead in auth() it should again read userId from token, but since $decoded variable is available only in Router...

 

EDIT:

It seems that retrieved JWT should be kept in sessionStorage entirely client-side. In order to do that I'd have to use VuexPersist plugin.

I'd have to move setting of authorization header (in my case, axios.defaults.headers.common['Authorization'] = 'Bearer ' + this.$store.state.jwt) from mutations.js to Content.vue. Not sure though that it's an elegant way.

I forked your repo with modifications here:

https://github.com/nicolant/RestApiProfile

 

Link to post
Share on other sites

The auth() and login() functions are usually just used once to login a user and obtain an JWT token. The token is currently stored in vuex and will be lost on reload. The /client folder is also just intended to get you started and give you a general idea how the jwt login process could work. Anyway I think you figured it out by now 😉

Link to post
Share on other sites
On 9/8/2018 at 12:11 PM, gebeer said:

Hallo, I wanted to test this site profile and cloned PW 3.0.98 from git. Then cloned the site profile repo and installed PW without any issues. I issued the 2 composer commands to install dependencies.

Environment: Apache with PHP 7.0.29 FPM/FastCGI.

When I try to access api/test, I get the following error

Screenshot_2018-09-08_12-05-43.thumb.png.b6d56abe13abbda1b3c51a78fd7b55a4.png 

Looks like a namespace issue. I didn't change namespaces on any of the files included in the profile. My config.php is not namespaced.

Does anyone have an idea how I can overcome this?

EDIT: apache_request headers became available under FastCGI since 5.4.0 according to http://php.net/manual/en/function.apache-request-headers.php 
EDIT2: After some more investigation I found https://bugs.php.net/bug.php?id=70025. So it seems apache_request_headers is still not supported in PHP 7.0 FPM/CGI environment.
I added templates/inc/functions.php with contents of https://gist.github.com/rmpel/11583cfddfcc9705578428e3a2ee3dc1 and added require "{$config->paths->templates}inc/functions.php"; to api.php
This solved the problem :)-
  

@gebeer you can also try to replace apache_request_headers() with $_SERVER which should also work. This way you don't need the any additional functions

  • Like 1
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By opalepatrick
      I am working on my first Process Module. I am creating forms. Fairly straightforward. However, I really can't work out how to create multiple fieldsets?
      $fieldset = $this->modules->get('InputfieldFieldset'); $fieldset->label = 'Customer Source'; $field = $this->modules->get('InputfieldPage'); $field->inputfield = 'InputfieldSelect'; $field->findPagesSelector = 'parent_id=1449, include=hidden'; $field->labelFieldName = 'yff-lead'; $field->name = 'yfflead'; $field->columnWidth = 16; $fieldset->add($field); $field = $this->modules->get('InputfieldPage'); $field->inputfield = 'InputfieldSelect'; $field->findPagesSelector = 'parent_id=1452, include=hidden'; $field->labelFieldName = 'customer-type'; $field->name = 'customertype'; $field->columnWidth = 16; $fieldset->add($field); //Rinse and Repeat $fieldset->label = 'Contacts'; $field = $this->modules->get('InputfieldPage'); $field->inputfield = 'InputfieldSelect'; $field->findPagesSelector = 'parent_id=1538, include=hidden'; $field->labelFieldName = 'salutation'; $field->name = 'salutation'; $field->columnWidth = 16; $fieldset->add($field); I can create the first fieldset (Customer Source) but then get into trouble as the second fieldset overwrites the first. I understand why, but trying to use the open and close fieldset routine has flummoxed me. Any help appreciated.
    • By VeiJari
      Hello forum, we're trying to use Processwire as our REST-API. We are having problems with our API login to Processwire from frontend. It gives us 403 error.
      We have installed ProcessWire to subdirectory (/api/*) and our frontend is static JS files at root ( / ). Apache access logs gives 404 to our POST-request, but browser devtools shows 403 for our POST /api/login request. 
      Processwire backend panel works. We also have a GET endpoint for the API that returns 200 with correct payload.  So we're wondering why does our GET works but POST doesn't?
      Does this have something to do with Processwire .htaccess, or is this because of our webhost? What should we check first? Any help would be appreciated.
    • By rjgamer
      Hi,
      is there a hook after the current (active) page got created? Or which method got called in the Page class after the Constructor of the current page got initialized?
      Thanks.
       
    • By killedfriendz
      I am very sorry for asking this but i totally do not understand how to set values of checbox using API. 
      I have checbox field on my page with name "order_status". 
      So i've tried few ways to make it checked but it still doesn't work:
       
      $userPage->order_status->value = 1; $userPage->order_status->add(1); $userPage->order_status->add(true); Could you please tell me how to do it?
    • By rjgamer
      Hi guys,
      the field "redirect_last" of type DateTime got not updated. The update on the field "redirect_counter" works and got saved.
      Does anybody know what I did wrong in my code?
      if ($input->urlSegment(1) === 'redirect') { $page->of(false); $page->redirect_last = time(); $page->redirect_counter += 1; if ($page->save('redirect_counter')) { $session->redirect($page->website_url, 302); } } Thanks.
×
×
  • Create New...