Jump to content

Module: RestApi


thomasaull

Recommended Posts

Hi, how do i get multiple images when i query the API?

 

My code:

    public static function getPage($data) {
        $data = RestApiHelper::checkAndSanitizeRequiredParameters($data, ['id|int']);

        $response = new \StdClass();
        $p = wire('pages')->get($data->id);

        if(!$p->id) throw new \Exception('Page not found');

        $response->id = $p->id;
        $response->name = $p->name;
        $response->title = $p->title->getLanguageValue('default');
        $response->body = $p->body->getLanguageValue('default');
        $response->sidebar = $p->sidebar->getLanguageValue('default');
        $response->summary = $p->summary->getLanguageValue('default');
        $response->images = $p->images;

        return $response;
    }

My response now:

{
    "id": 1002,
    "name": "child-page-example-1",
    "title": "Child page example 1",
    "body": "<h2>Ut capio feugiat saepius torqueo olim</h2>\n\n<h3>In utinam facilisi eum vicis feugait nimis</h3>\n\n<p>Iusto incassum appellatio cui macto genitus vel. Lobortis aliquam luctus, roto enim, imputo wisi tamen. Ratis odio, genitus acsi, neo illum consequat consectetuer ut.</p>\n\n<blockquote>\n<p>Wisi fere virtus cogo, ex ut vel nullus similis vel iusto. Tation incassum adsum in, quibus capto premo diam suscipere facilisi. Uxor laoreet mos capio premo feugait ille et. Pecus abigo immitto epulae duis vel. Neque causa, indoles verto, decet ingenium dignissim.</p>\n</blockquote>\n\n<p>Patria iriure vel vel autem proprius indoles ille sit. Tation blandit refoveo, accumsan ut ulciscor lucidus inhibeo capto aptent opes, foras.</p>\n\n<h3>Dolore ea valde refero feugait utinam luctus</h3>\n\n<p>Usitas, nostrud transverbero, in, amet, nostrud ad. Ex feugiat opto diam os aliquam regula lobortis dolore ut ut quadrum. Esse eu quis nunc jugis iriure volutpat wisi, fere blandit inhibeo melior, hendrerit, saluto velit. Eu bene ideo dignissim delenit accumsan nunc. Usitas ille autem camur consequat typicus feugait elit ex accumsan nutus accumsan nimis pagus, occuro. Immitto populus, qui feugiat opto pneum letalis paratus. Mara conventio torqueo nibh caecus abigo sit eum brevitas. Populus, duis ex quae exerci hendrerit, si antehabeo nobis, consequat ea praemitto zelus.</p>\n\n<p>Immitto os ratis euismod conventio erat jus caecus sudo. code test Appellatio consequat, et ibidem ludus nulla dolor augue abdo tego euismod plaga lenis. Sit at nimis venio venio tego os et pecus enim pneum magna nobis ad pneum. Saepius turpis probo refero molior nonummy aliquam neque appellatio jus luctus acsi. Ulciscor refero pagus imputo eu refoveo valetudo duis dolore usitas. Consequat suscipere quod torqueo ratis ullamcorper, dolore lenis, letalis quia quadrum plaga minim.</p>",
    "sidebar": "<h3>Sudo nullus</h3>\n\n<p>Et torqueo vulpes vereor luctus augue quod consectetuer antehabeo causa patria tation ex plaga ut. Abluo delenit wisi iriure eros feugiat probo nisl aliquip nisl, patria. Antehabeo esse camur nisl modo utinam. Sudo nullus ventosus ibidem facilisis saepius eum sino pneum, vicis odio voco opto.</p>",
    "summary": "Dolore ea valde refero feugait utinam luctus. Probo velit commoveo et, delenit praesent, suscipit zelus, hendrerit zelus illum facilisi, regula. ",
    "images": [
        {}
    ]
}

Thanks for the great module!

Link to comment
Share on other sites

Hi @gottberg

There is a bit of work to get images, as the way you are doing return Images Objects and not array. You can have a look at this file to see the "complexity" to retrieve those objects :

https://github.com/microcipcip/processvue/blob/master/site-processvue/templates/inc/pagefields.php#L236

 

Or you can build your own images array before assigning it to the API answer :

 

See updated ImageHelper.php file at the bottom of this post.

 

/* 
route :  
'page' => [
    ['GET', '{id:\d+}', Example::class, 'getPage', ["auth" => false]]
  ]
*/

// get page route answer function
public static function getPage($data)
  {
    $data = RestApiHelper::checkAndSanitizeRequiredParameters($data, ['id|int']);

    $response = new \StdClass();
    $p = wire('pages')->get($data->id);

    if(!$p ->id) throw new \Exception('Page not found');

    $response->id = $p->id;
    $response->name = $p->name;
    $response->title = $p->title;
    $response->body = $p->body;
    $response->sidebar = $p->sidebar;
    $response->summary = $p->summary;

	// our own images array
    $images = array();
    foreach ($p->images as $image) {
      array_push($images, array(
        $image->name => array(
            'url'  => $image->url,
            'filename' => $image->filename,
            'width' => $image->width,
            'height' => $image->height
			// ...
          )
        )
      );
    }
    $response->images = $images;

    return $response;
  }

 

Result :

41790518_Capturedecran2019-02-23a11_11_55.thumb.png.3fc4c290c11102c927dd4ff7c9068bec.png

 

---

 

Edit :

The image class helper :

<?php namespace ProcessWire;

/**
 * InputfieldImage Helper
 * Use for single image
 * 
 * Usage :
 *  $image is your ProcessWire PageImage
 *  return ImageHelper::get($image, [400, 800, 1200, 2000, 2500]);
 */

class ImageHelper {
  public static function get ($image, $widths = [400, 800, 1200]) {
    $response = new \StdClass();
    $response->focus = ["x" => $image->focus['left'], "y" => $image->focus['top']];
    $response->urls = [];
    $response->description = $image->description;
    $response->name = $image->basename;
    $response->width = $image->width;
    $response->height = $image->height;

    foreach ($widths as $width) {
      $croppedImage = $image->width($width);

      $url = new \StdClass();
      $url->url = $croppedImage->httpUrl;
      $url->width = $croppedImage->width;
      $url->height = $croppedImage->height;
      $url->ratio = $croppedImage->height / $croppedImage->width;

      array_push($response->urls, $url);
    }

    return $response;
  }
}


/**
 * InputfieldImage Helper
 * Use for multiple images
 * 
 * Usage :
 *  $images is your ProcessWire PageImages
 *  return ImagesHelper::get($images, [400, 800, 1200, 2000, 2500]);
 */

class ImagesHelper {
  public static function get($images, $widths = [400, 800, 1200]) {
    $response = new \StdClass();
    $response->images = [];
    $img = new \StdClass();

    // our own images array
    $imagesArr = array();
    foreach ($images as $image) {
      $img->focus = ["x" => $image->focus['left'], "y" => $image->focus['top']];
      $img->urls = [];
      $img->description = $image->description;
      $img->name = $image->basename;
      $img->width = $image->width;
      $img->height = $image->height;

      foreach ($widths as $width) {
        $croppedImage = $image->width($width);

        $url = new \StdClass();
        $url->url = $croppedImage->httpUrl;
        $url->width = $croppedImage->width;
        $url->height = $croppedImage->height;
        $url->ratio = $croppedImage->height / $croppedImage->width;

        array_push($img->urls, $url);
      }

      array_push($response->images, $img);
    }

    return $response;
  }
}

 

Edited by flydev
Code - ImageHelper Class
  • Like 3
Link to comment
Share on other sites

On 12/5/2018 at 12:53 PM, eelkenet said:

I ran into an issue that is related to the way the RestAPI circumvents the pagetree structure (running the checkIfApiRequest hook before rendering any page).
This method made it impossible to use ProCache for API requests that could (and should) return a cached result, such as for static site content. I thought about creating a custom caching system on top of RestApi, but ProCache is just too well designed to ignore here.   

 I wrote a post about this on the ProCache VIP-forum, but as this forum is not accessible to all people I'd like to share my (admittedly hacky) solution for this. Basically I add another (cacheable) endpoint in the pagetree, which pipes the request to the RestApi endpoint: 

  1. Create a new template and corresponding page (I called both 'api'). 
  2. Set the content-type of this template to application/json, and disable any prepending/appending of files.  
  3. Add the following code to the template: 

<?php //site/templates/api.php

$protocol = $config->https ? "https://" : "http://";
$endpoint = $modules->get("RestApi")->endpoint;
$hostname = $config->httpHost;
$segments = implode("/", $input->urlSegments);
$url =  $protocol.$hostname."/".$endpoint.$segments;

return file_get_contents($url);

I'm sure there would be a better, cleaner way of doing this. A current downside is that there now are 2 seemingly identical endpoints for my site.
One is cached, and the other is 'live'.  

Any ideas?

@eelkenet I'm sorry, somehow I missed your post. Do you think there is any way I can support ProCache with the module itself? I could also use a page in the pagetree to deliver the endpoint instead of doing it with a Hook

  • Like 2
Link to comment
Share on other sites

@gottberg @flydev I created a small helper class for dealing with responsive images:

<?php namespace ProcessWire;

class Image {
  public static function get ($image, $widths = [400, 800, 1200]) {
    $response = new \StdClass();
    $response->focus = ["x" => $image->focus['left'], "y" => $image->focus['top']];
    $response->urls = [];
    $response->description = $image->description;
    $response->name = $image->basename;
    $response->width = $image->width;
    $response->height = $image->height;

    foreach ($widths as $width) {
      $croppedImage = $image->width($width);

      $url = new \StdClass();
      $url->url = $croppedImage->httpUrl;
      $url->width = $croppedImage->width;
      $url->height = $croppedImage->height;
      $url->ratio = $croppedImage->height / $croppedImage->width;

      array_push($response->urls, $url);
    }

    return $response;
  }
}

Usage:

// $image is your ProcessWire PageImage
return Image::get($image, [400, 800, 1200, 2000, 2500]);

 

  • Like 1
  • Thanks 2
Link to comment
Share on other sites

On 2/25/2019 at 5:19 PM, eelkenet said:

Hi @thomas, no problem. And yes, definitely! I think that would be much better.
Anything that comes from inside the regular page rendering can be cached with ProCache. 

It might be a good idea to make this configurable, so the user can choose between a webhook or select a page to act as the api endpoint. You wanna provide a PR @eelkenet? I'm a bit short of time currently.

Link to comment
Share on other sites

On 2/28/2019 at 2:58 PM, thomasaull said:

It might be a good idea to make this configurable, so the user can choose between a webhook or select a page to act as the api endpoint. You wanna provide a PR @eelkenet? I'm a bit short of time currently.

I'm sorry @thomasaull, but I don't believe I understand the module's inner workings well enough to pull that off ?

Here is the final cleaned-up and more secure 'api' template that I am using in between the RestApi router and ProCache, perhaps it can be of some help:

Edit: check this reply for an updated version:

 

Link to comment
Share on other sites

Hey Thomas,

I had some issues yesterday with the jwt-authorization. On a local development server (vagrant, ubuntu, apache). The authorization headers were empty. Therefore the getAuthorizationHeader method in Router.php returned null and the token was not returned. I made a small modification to the method and it works for me. Perhaps it is not the cleanest way, but it's ok for now. Just to let you know.

 

// apache
if (strpos($_SERVER['SERVER_SOFTWARE'], 'Apache') !== false) {
	foreach (apache_request_headers() as $key => $value) {
		$headers[strtolower($key)] = $value;
	}
}
else {
	foreach ($_SERVER as $key => $value) {
		$headers[strtolower($key)] = $value;
	}
}

 

Link to comment
Share on other sites

For my project I need an implementation of Basic Auth, so I added a new option 'Basic Auth' available in the module config :

513778484_Capturedecran2019-03-01a15_46_33.png.953386b31c415f513c8ede1a0db25cd2.png

 

and then, in the Router.php file, method handle(), I added the following code :

// Basic HTTP Authentication
    if($authMethod === 'basic' && $routeNeedsAuth) {
      $authHeader = self::getAuthorizationHeader();
      if(!$authHeader) {
        self::displayError('Bad Request', 400);
      }
      
      $hash = base64_decode(substr($_SERVER["HTTP_AUTHORIZATION"], 6)) ;
      $authHeader = explode(':', $hash, 2);
      if(!isset($authHeader[0]) || !isset($authHeader[1])) {
        self::displayError('No Authorization Header found', 400);
      }

      $credentials = new \StdClass();
      $credentials->user = $authHeader[0];
      $credentials->pass = $authHeader[1];

      RestApiHelper::checkAndSanitizeRequiredParameters($credentials, ['user|selectorValue', 'pass|text']);
      $loggedin = wire('session')->login($credentials->user, $credentials->pass);
      if(!$loggedin) {
        self::displayError('user does not have authorization', 401);
      }
    }

 

and in the method getAuthorizationHeader() I added :

if(array_key_exists('php_auth_user', $headers)) return ['user' => $headers['php_auth_user'], 'pass' => $headers['php_auth_pw']];

 

basic-auth.gif.b6f37977610260df0b98b23cfb002d8c.gif

 

It works, but does it make sense ?

 

Edit: 

Pull Request https://github.com/thomasaull/RestApi/pull/3

 

Edited by flydev
GitHub Pull Request
  • Like 1
  • Thanks 1
Link to comment
Share on other sites

  • 3 weeks later...

@flydev Thanks for your PR. I'm going to investigate (feel free to remind me, if you don't hear back)! One concern though, do you think it's a good practice to send the password on every request? In this case you'd have to store the password somewhere in your frontend, which I think is security bad practise. Maybe other people do have an opinion about that?

  • Thanks 1
Link to comment
Share on other sites

3 hours ago, siilak said:

Is there any example, how to use for posting a new page?
Example: axios.put("/api/post" ... 

@siilak I think all you need to do is to add your route in Routes.php:

$routes = [
  ['PUT', 'user', User::class, 'addUser'],
];

And have some functionality for adding your data in your 'addUser' Function.

Let me know, if it works!

Link to comment
Share on other sites

1 hour ago, thomasaull said:

One concern though, do you think it's a good practice to send the password on every request?

If used with HTTPS, "I don't see it" as a security hole that way. Anyway, the question is legit and could lead to his own post in the security section following by bad/good practices, it also depend on the scenario you are in. If a security token is intercepted, you're screwed up, if the login/password is intercepted, same here and cookies will be eat. The password could be weak and guessed but already a bit restricted in the current version of ProcessWire and can be configured to be stronger. SSL/TLS 0-day ? it's not happening everyday.. but it happen. As always, security.... its also about people "education"..

The only real drawback I see, is that imagine 3 months later after a valid authentication, a token would be invalid, but the user/login should be still valid. Another scenario possible here but the issue could be tackled.

References:

 

Meanwhile maybe @LostKobrakai will have a good comment about that.

Edited by flydev
refs
Link to comment
Share on other sites

@flydev For http basic auth I'd only use user/password for initial logins and for any subsequent request use some kind of token. Generally I'd support what you said about tls and intercepted requests holding any information be it a password or token, but I think more important is the fact that a user won't insert a password for each request and you don't want your app to somehow cache the supplied password. That's what should never be promoted.

  • Like 2
Link to comment
Share on other sites

15 hours ago, thomasaull said:

@Sebi@pmichaelis Think I'm going to include @pmichaelis since it does not required additional configuration (actually before I used the RestApi Module with NGINX it was using apache_request_headers anyway)

That's fine. In our case it was necessary to explicitly add the line in the .htaccess-file, but that should be the last solution if everything else fails. 

We already had a similar solution like @pmichaelis's code example to use $_SERVER if apache_request_headers fails. Maybe its more save to check for the function 'apache_request_headers' to exist:

if(function_exists("apache_request_headers")) {

 

  • Thanks 1
Link to comment
Share on other sites

User registration example:

public static function addUser($data) {
    RestApiHelper::checkAndSanitizeRequiredParameters($data, [
      'username|selectorValue',
      'password|string',
      'email|text',
    ]);

    $item = new User();
    $item->setOutputFormatting(false);
    $item->name = $data->username;
    $item->pass = $data->password;
    $item->email = $data->email;
    $item->addRole('guest');
    $item->save();
    
}

 

  • Like 3
Link to comment
Share on other sites

The jwt auth mechanism is producing errros on a live system.
I allready looked for "Wrong number of segments", installed the module again, but the error is still there.  Any hints on that?

DATUM/ZEIT BENUTZER URL TEXT
vor 2 Minuten
2019-03-29 13:22:58
api /api/v1/items Error: Exception: Wrong number of segments (in /cms/site/modules/RestApi/Router.php line 131). File: /cms/index.php:64
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...