Jump to content
thomasaull

Module: RestApi

Recommended Posts

Hi, how do i get multiple images when i query the API?

 

My code:

    public static function getPage($data) {
        $data = RestApiHelper::checkAndSanitizeRequiredParameters($data, ['id|int']);

        $response = new \StdClass();
        $p = wire('pages')->get($data->id);

        if(!$p->id) throw new \Exception('Page not found');

        $response->id = $p->id;
        $response->name = $p->name;
        $response->title = $p->title->getLanguageValue('default');
        $response->body = $p->body->getLanguageValue('default');
        $response->sidebar = $p->sidebar->getLanguageValue('default');
        $response->summary = $p->summary->getLanguageValue('default');
        $response->images = $p->images;

        return $response;
    }

My response now:

{
    "id": 1002,
    "name": "child-page-example-1",
    "title": "Child page example 1",
    "body": "<h2>Ut capio feugiat saepius torqueo olim</h2>\n\n<h3>In utinam facilisi eum vicis feugait nimis</h3>\n\n<p>Iusto incassum appellatio cui macto genitus vel. Lobortis aliquam luctus, roto enim, imputo wisi tamen. Ratis odio, genitus acsi, neo illum consequat consectetuer ut.</p>\n\n<blockquote>\n<p>Wisi fere virtus cogo, ex ut vel nullus similis vel iusto. Tation incassum adsum in, quibus capto premo diam suscipere facilisi. Uxor laoreet mos capio premo feugait ille et. Pecus abigo immitto epulae duis vel. Neque causa, indoles verto, decet ingenium dignissim.</p>\n</blockquote>\n\n<p>Patria iriure vel vel autem proprius indoles ille sit. Tation blandit refoveo, accumsan ut ulciscor lucidus inhibeo capto aptent opes, foras.</p>\n\n<h3>Dolore ea valde refero feugait utinam luctus</h3>\n\n<p>Usitas, nostrud transverbero, in, amet, nostrud ad. Ex feugiat opto diam os aliquam regula lobortis dolore ut ut quadrum. Esse eu quis nunc jugis iriure volutpat wisi, fere blandit inhibeo melior, hendrerit, saluto velit. Eu bene ideo dignissim delenit accumsan nunc. Usitas ille autem camur consequat typicus feugait elit ex accumsan nutus accumsan nimis pagus, occuro. Immitto populus, qui feugiat opto pneum letalis paratus. Mara conventio torqueo nibh caecus abigo sit eum brevitas. Populus, duis ex quae exerci hendrerit, si antehabeo nobis, consequat ea praemitto zelus.</p>\n\n<p>Immitto os ratis euismod conventio erat jus caecus sudo. code test Appellatio consequat, et ibidem ludus nulla dolor augue abdo tego euismod plaga lenis. Sit at nimis venio venio tego os et pecus enim pneum magna nobis ad pneum. Saepius turpis probo refero molior nonummy aliquam neque appellatio jus luctus acsi. Ulciscor refero pagus imputo eu refoveo valetudo duis dolore usitas. Consequat suscipere quod torqueo ratis ullamcorper, dolore lenis, letalis quia quadrum plaga minim.</p>",
    "sidebar": "<h3>Sudo nullus</h3>\n\n<p>Et torqueo vulpes vereor luctus augue quod consectetuer antehabeo causa patria tation ex plaga ut. Abluo delenit wisi iriure eros feugiat probo nisl aliquip nisl, patria. Antehabeo esse camur nisl modo utinam. Sudo nullus ventosus ibidem facilisis saepius eum sino pneum, vicis odio voco opto.</p>",
    "summary": "Dolore ea valde refero feugait utinam luctus. Probo velit commoveo et, delenit praesent, suscipit zelus, hendrerit zelus illum facilisi, regula. ",
    "images": [
        {}
    ]
}

Thanks for the great module!

Share this post


Link to post
Share on other sites

Hi @gottberg

There is a bit of work to get images, as the way you are doing return Images Objects and not array. You can have a look at this file to see the "complexity" to retrieve those objects :

https://github.com/microcipcip/processvue/blob/master/site-processvue/templates/inc/pagefields.php#L236

 

Or you can build your own images array before assigning it to the API answer :

 

See updated ImageHelper.php file at the bottom of this post.

 

/* 
route :  
'page' => [
    ['GET', '{id:\d+}', Example::class, 'getPage', ["auth" => false]]
  ]
*/

// get page route answer function
public static function getPage($data)
  {
    $data = RestApiHelper::checkAndSanitizeRequiredParameters($data, ['id|int']);

    $response = new \StdClass();
    $p = wire('pages')->get($data->id);

    if(!$p ->id) throw new \Exception('Page not found');

    $response->id = $p->id;
    $response->name = $p->name;
    $response->title = $p->title;
    $response->body = $p->body;
    $response->sidebar = $p->sidebar;
    $response->summary = $p->summary;

	// our own images array
    $images = array();
    foreach ($p->images as $image) {
      array_push($images, array(
        $image->name => array(
            'url'  => $image->url,
            'filename' => $image->filename,
            'width' => $image->width,
            'height' => $image->height
			// ...
          )
        )
      );
    }
    $response->images = $images;

    return $response;
  }

 

Result :

41790518_Capturedecran2019-02-23a11_11_55.thumb.png.3fc4c290c11102c927dd4ff7c9068bec.png

 

---

 

Edit :

The image class helper :

<?php namespace ProcessWire;

/**
 * InputfieldImage Helper
 * Use for single image
 * 
 * Usage :
 *  $image is your ProcessWire PageImage
 *  return ImageHelper::get($image, [400, 800, 1200, 2000, 2500]);
 */

class ImageHelper {
  public static function get ($image, $widths = [400, 800, 1200]) {
    $response = new \StdClass();
    $response->focus = ["x" => $image->focus['left'], "y" => $image->focus['top']];
    $response->urls = [];
    $response->description = $image->description;
    $response->name = $image->basename;
    $response->width = $image->width;
    $response->height = $image->height;

    foreach ($widths as $width) {
      $croppedImage = $image->width($width);

      $url = new \StdClass();
      $url->url = $croppedImage->httpUrl;
      $url->width = $croppedImage->width;
      $url->height = $croppedImage->height;
      $url->ratio = $croppedImage->height / $croppedImage->width;

      array_push($response->urls, $url);
    }

    return $response;
  }
}


/**
 * InputfieldImage Helper
 * Use for multiple images
 * 
 * Usage :
 *  $images is your ProcessWire PageImages
 *  return ImagesHelper::get($images, [400, 800, 1200, 2000, 2500]);
 */

class ImagesHelper {
  public static function get($images, $widths = [400, 800, 1200]) {
    $response = new \StdClass();
    $response->images = [];
    $img = new \StdClass();

    // our own images array
    $imagesArr = array();
    foreach ($images as $image) {
      $img->focus = ["x" => $image->focus['left'], "y" => $image->focus['top']];
      $img->urls = [];
      $img->description = $image->description;
      $img->name = $image->basename;
      $img->width = $image->width;
      $img->height = $image->height;

      foreach ($widths as $width) {
        $croppedImage = $image->width($width);

        $url = new \StdClass();
        $url->url = $croppedImage->httpUrl;
        $url->width = $croppedImage->width;
        $url->height = $croppedImage->height;
        $url->ratio = $croppedImage->height / $croppedImage->width;

        array_push($img->urls, $url);
      }

      array_push($response->images, $img);
    }

    return $response;
  }
}

 

Edited by flydev
Code - ImageHelper Class
  • Like 2

Share this post


Link to post
Share on other sites
On 12/5/2018 at 12:53 PM, eelkenet said:

I ran into an issue that is related to the way the RestAPI circumvents the pagetree structure (running the checkIfApiRequest hook before rendering any page).
This method made it impossible to use ProCache for API requests that could (and should) return a cached result, such as for static site content. I thought about creating a custom caching system on top of RestApi, but ProCache is just too well designed to ignore here.   

 I wrote a post about this on the ProCache VIP-forum, but as this forum is not accessible to all people I'd like to share my (admittedly hacky) solution for this. Basically I add another (cacheable) endpoint in the pagetree, which pipes the request to the RestApi endpoint: 

  1. Create a new template and corresponding page (I called both 'api'). 
  2. Set the content-type of this template to application/json, and disable any prepending/appending of files.  
  3. Add the following code to the template: 

<?php //site/templates/api.php

$protocol = $config->https ? "https://" : "http://";
$endpoint = $modules->get("RestApi")->endpoint;
$hostname = $config->httpHost;
$segments = implode("/", $input->urlSegments);
$url =  $protocol.$hostname."/".$endpoint.$segments;

return file_get_contents($url);

I'm sure there would be a better, cleaner way of doing this. A current downside is that there now are 2 seemingly identical endpoints for my site.
One is cached, and the other is 'live'.  

Any ideas?

@eelkenet I'm sorry, somehow I missed your post. Do you think there is any way I can support ProCache with the module itself? I could also use a page in the pagetree to deliver the endpoint instead of doing it with a Hook

  • Like 2

Share this post


Link to post
Share on other sites

@gottberg @flydev I created a small helper class for dealing with responsive images:

<?php namespace ProcessWire;

class Image {
  public static function get ($image, $widths = [400, 800, 1200]) {
    $response = new \StdClass();
    $response->focus = ["x" => $image->focus['left'], "y" => $image->focus['top']];
    $response->urls = [];
    $response->description = $image->description;
    $response->name = $image->basename;
    $response->width = $image->width;
    $response->height = $image->height;

    foreach ($widths as $width) {
      $croppedImage = $image->width($width);

      $url = new \StdClass();
      $url->url = $croppedImage->httpUrl;
      $url->width = $croppedImage->width;
      $url->height = $croppedImage->height;
      $url->ratio = $croppedImage->height / $croppedImage->width;

      array_push($response->urls, $url);
    }

    return $response;
  }
}

Usage:

// $image is your ProcessWire PageImage
return Image::get($image, [400, 800, 1200, 2000, 2500]);

 

  • Like 1
  • Thanks 2

Share this post


Link to post
Share on other sites
7 hours ago, thomasaull said:

@eelkenet I could also use a page in the pagetree to deliver the endpoint instead of doing it with a Hook

Hi @thomas, no problem. And yes, definitely! I think that would be much better.
Anything that comes from inside the regular page rendering can be cached with ProCache.

  • Like 2

Share this post


Link to post
Share on other sites
On 2/25/2019 at 5:19 PM, eelkenet said:

Hi @thomas, no problem. And yes, definitely! I think that would be much better.
Anything that comes from inside the regular page rendering can be cached with ProCache. 

It might be a good idea to make this configurable, so the user can choose between a webhook or select a page to act as the api endpoint. You wanna provide a PR @eelkenet? I'm a bit short of time currently.

Share this post


Link to post
Share on other sites

@thomasaull 

I noticed something annoying in the API endpoint config field, I need to open the devtools and remove the `pattern` attribute manually in order to save the settings, look :

 

restapi-regex.gif.86ba4f74ef03cb663470e8b9f0b4cdf2.gif

 

If you are short on time, I can send a PR.

Share this post


Link to post
Share on other sites
On 2/28/2019 at 2:58 PM, thomasaull said:

It might be a good idea to make this configurable, so the user can choose between a webhook or select a page to act as the api endpoint. You wanna provide a PR @eelkenet? I'm a bit short of time currently.

I'm sorry @thomasaull, but I don't believe I understand the module's inner workings well enough to pull that off 😕

Here is the final cleaned-up and more secure 'api' template that I am using in between the RestApi router and ProCache, perhaps it can be of some help:

Edit: check this reply for an updated version:

 

Share this post


Link to post
Share on other sites

Hey Thomas,

I had some issues yesterday with the jwt-authorization. On a local development server (vagrant, ubuntu, apache). The authorization headers were empty. Therefore the getAuthorizationHeader method in Router.php returned null and the token was not returned. I made a small modification to the method and it works for me. Perhaps it is not the cleanest way, but it's ok for now. Just to let you know.

 

// apache
if (strpos($_SERVER['SERVER_SOFTWARE'], 'Apache') !== false) {
	foreach (apache_request_headers() as $key => $value) {
		$headers[strtolower($key)] = $value;
	}
}
else {
	foreach ($_SERVER as $key => $value) {
		$headers[strtolower($key)] = $value;
	}
}

 

Share this post


Link to post
Share on other sites

@pmichaelis Is vagrant using an apache or nginx server? Can you check where the authorization header is contained in your case (apache_request_headers or $_SERVER)? And what version of php are you using?

Share this post


Link to post
Share on other sites
Posted (edited)

For my project I need an implementation of Basic Auth, so I added a new option 'Basic Auth' available in the module config :

513778484_Capturedecran2019-03-01a15_46_33.png.953386b31c415f513c8ede1a0db25cd2.png

 

and then, in the Router.php file, method handle(), I added the following code :

// Basic HTTP Authentication
    if($authMethod === 'basic' && $routeNeedsAuth) {
      $authHeader = self::getAuthorizationHeader();
      if(!$authHeader) {
        self::displayError('Bad Request', 400);
      }
      
      $hash = base64_decode(substr($_SERVER["HTTP_AUTHORIZATION"], 6)) ;
      $authHeader = explode(':', $hash, 2);
      if(!isset($authHeader[0]) || !isset($authHeader[1])) {
        self::displayError('No Authorization Header found', 400);
      }

      $credentials = new \StdClass();
      $credentials->user = $authHeader[0];
      $credentials->pass = $authHeader[1];

      RestApiHelper::checkAndSanitizeRequiredParameters($credentials, ['user|selectorValue', 'pass|text']);
      $loggedin = wire('session')->login($credentials->user, $credentials->pass);
      if(!$loggedin) {
        self::displayError('user does not have authorization', 401);
      }
    }

 

and in the method getAuthorizationHeader() I added :

if(array_key_exists('php_auth_user', $headers)) return ['user' => $headers['php_auth_user'], 'pass' => $headers['php_auth_pw']];

 

basic-auth.gif.b6f37977610260df0b98b23cfb002d8c.gif

 

It works, but does it make sense ?

 

Edit: 

Pull Request https://github.com/thomasaull/RestApi/pull/3

 

Edited by flydev
GitHub Pull Request
  • Thanks 1

Share this post


Link to post
Share on other sites

@thomasaull @pmichaelis We had similar issues with the Authorization-header, depending on the server's configuration. In our case, adding the following `RewriteRule` to the .htaccess-file solved the problems:

RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

 

Share this post


Link to post
Share on other sites

Is there any example, how to use for posting a new page?
Example: axios.put("/api/post" ...

Share this post


Link to post
Share on other sites

@flydev Thanks for your PR. I'm going to investigate (feel free to remind me, if you don't hear back)! One concern though, do you think it's a good practice to send the password on every request? In this case you'd have to store the password somewhere in your frontend, which I think is security bad practise. Maybe other people do have an opinion about that?

  • Thanks 1

Share this post


Link to post
Share on other sites
3 hours ago, siilak said:

Is there any example, how to use for posting a new page?
Example: axios.put("/api/post" ... 

@siilak I think all you need to do is to add your route in Routes.php:

$routes = [
  ['PUT', 'user', User::class, 'addUser'],
];

And have some functionality for adding your data in your 'addUser' Function.

Let me know, if it works!

Share this post


Link to post
Share on other sites
Posted (edited)
1 hour ago, thomasaull said:

One concern though, do you think it's a good practice to send the password on every request?

If used with HTTPS, "I don't see it" as a security hole that way. Anyway, the question is legit and could lead to his own post in the security section following by bad/good practices, it also depend on the scenario you are in. If a security token is intercepted, you're screwed up, if the login/password is intercepted, same here and cookies will be eat. The password could be weak and guessed but already a bit restricted in the current version of ProcessWire and can be configured to be stronger. SSL/TLS 0-day ? it's not happening everyday.. but it happen. As always, security.... its also about people "education"..

The only real drawback I see, is that imagine 3 months later after a valid authentication, a token would be invalid, but the user/login should be still valid. Another scenario possible here but the issue could be tackled.

References:

 

Meanwhile maybe @LostKobrakai will have a good comment about that.

Edited by flydev
refs

Share this post


Link to post
Share on other sites

@flydev For http basic auth I'd only use user/password for initial logins and for any subsequent request use some kind of token. Generally I'd support what you said about tls and intercepted requests holding any information be it a password or token, but I think more important is the fact that a user won't insert a password for each request and you don't want your app to somehow cache the supplied password. That's what should never be promoted.

  • Like 2

Share this post


Link to post
Share on other sites
15 hours ago, thomasaull said:

@Sebi@pmichaelis Think I'm going to include @pmichaelis since it does not required additional configuration (actually before I used the RestApi Module with NGINX it was using apache_request_headers anyway)

That's fine. In our case it was necessary to explicitly add the line in the .htaccess-file, but that should be the last solution if everything else fails. 

We already had a similar solution like @pmichaelis's code example to use $_SERVER if apache_request_headers fails. Maybe its more save to check for the function 'apache_request_headers' to exist:

if(function_exists("apache_request_headers")) {

 

  • Thanks 1

Share this post


Link to post
Share on other sites

User registration example:

public static function addUser($data) {
    RestApiHelper::checkAndSanitizeRequiredParameters($data, [
      'username|selectorValue',
      'password|string',
      'email|text',
    ]);

    $item = new User();
    $item->setOutputFormatting(false);
    $item->name = $data->username;
    $item->pass = $data->password;
    $item->email = $data->email;
    $item->addRole('guest');
    $item->save();
    
}

 

  • Like 2

Share this post


Link to post
Share on other sites

The jwt auth mechanism is producing errros on a live system.
I allready looked for "Wrong number of segments", installed the module again, but the error is still there.  Any hints on that?

DATUM/ZEIT BENUTZER URL TEXT
vor 2 Minuten
2019-03-29 13:22:58
api /api/v1/items Error: Exception: Wrong number of segments (in /cms/site/modules/RestApi/Router.php line 131). File: /cms/index.php:64

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By adrian
      Tracy Debugger for ProcessWire
      The ultimate “swiss army knife” debugging and development tool for the ProcessWire CMF/CMS

       
      Integrates and extends Nette's Tracy debugging tool and adds 35+ custom tools designed for effective ProcessWire debugging and lightning fast development
      The most comprehensive set of instructions and examples is available at: https://adrianbj.github.io/TracyDebugger
      Modules Directory: http://modules.processwire.com/modules/tracy-debugger/
      Github: https://github.com/adrianbj/TracyDebugger
      A big thanks to @tpr for introducing me to Tracy and for the idea for this module and for significant feedback, testing, and feature suggestions.
    • By adrian
      This module allows you to automatically rename file (including image) uploads according to a configurable format
      This module lets you define as many rules as you need to determine how uploaded files will be named and you can have different rules for different pages, templates, fields, and file extensions, or one rule for all uploads. Renaming works for files uploaded via the admin interface and also via the API, including images added from remote URLs.   Github: https://github.com/adrianbj/CustomUploadNames
      Modules Directory: http://modules.processwire.com/modules/process-custom-upload-names/
      Renaming Rules
      The module config allows you to set an unlimited number of Rename Rules. You can define rules to specific fields, templates, pages, and file extensions. If a rule option is left blank, the rule with be applied to all fields/templates/pages/extensions. Leave Filename Format blank to prevent renaming for a specific field/template/page combo, overriding a more general rule. Rules are processed in order, so put more specific rules before more general ones. You can drag to change the order of rules as needed. The following variables can be used in the filename format: $page, $template, $field, and $file. For some of these (eg. $field->description), if they haven't been filled out and saved prior to uploading the image, renaming won't occur on upload, but will happen on page save (could be an issue if image has already been inserted into RTE/HTML field before page save). Some examples: $page->title mysite-{$template->name}-images $field->label $file->description {$page->name}-{$file->filesize}-kb prefix-[Y-m-d_H-i-s]-suffix (anything inside square brackets is is considered to be a PHP date format for the current date/time) randstring[n] (where n is the number of characters you want in the string) ### (custom number mask, eg. 001 if more than one image with same name on a page. This is an enhanced version of the automatic addition of numbers if required) If 'Rename on Save' is checked files will be renamed again each time a page is saved (admin or front-end via API). WARNING: this setting will break any direct links to the old filename, which is particularly relevant for images inserted into RTE/HTML fields. The Filename Format can be defined using plain text and PW $page variable, for example: mysite-{$page->path} You can preserve the uploaded filename for certain rules. This will allow you to set a general renaming rule for your entire site, but then add a rule for a specific page/template/field that does not rename the uploaded file. Just simply build the rule, but leave the Filename Format field empty. You can specify an optional character limit (to nearest whole word) for the length of the filename - useful if you are using $page->path, $path->name etc and have very long page names - eg. news articles, publication titles etc. NOTE - if you are using ProcessWire's webp features, be sure to use the useSrcExt because if you have jpg and png files on the same page and your rename rules result in the same name, you need to maintain the src extension so they are kept as separate files.
      $config->webpOptions = array(     'useSrcExt' => false, // Use source file extension in webp filename? (file.jpg.webp rather than file.webp) ); Acknowledgments
      The module config settings make use of code from Pete's EmailToPage module and the renaming function is based on this code from Ryan: http://processwire.com/talk/topic/3299-ability-to-define-convention-for-image-and-file-upload-names/?p=32623 (also see this post for his thoughts on file renaming and why it is the lazy way out - worth a read before deciding to use this module). 
       
       
      NOTE:
      This should not be needed on most sites, but I work with lots of sites that host PDFs and photos/vectors that are available for download and I have always renamed the files on upload because clients will often upload files with horrible meaningless filenames like:
      Final ReportV6 web version for John Feb 23.PDF

    • By Mike Rockett
      Jumplinks for ProcessWire
      Release: 1.5.56
      Composer: rockett/jumplinks
      Jumplinks is an enhanced version of the original ProcessRedirects by Antti Peisa.
      The Process module manages your permanent and temporary redirects (we'll call these "jumplinks" from now on, unless in reference to redirects from another module), useful for when you're migrating over to ProcessWire from another system/platform. Each jumplink supports wildcards, shortening the time needed to create them.
      Unlike similar modules for other platforms, wildcards in Jumplinks are much easier to work with, as Regular Expressions are not fully exposed. Instead, parameters wrapped in curly braces are used - these are described in the documentation.
      Under Development: 2.0, to be powered by FastRoute
      As of version 1.5.0, Jumplinks requires at least ProcessWire 2.6.1 to run.
      View on GitLab
      Download via the Modules Directory
      Read the docs
      Features
      The most prominent features include:
      Basic jumplinks (from one fixed route to another) Parameter-based wildcards with "Smart" equivalents Mapping Collections (for converting ID-based routes to their named-equivalents without the need to create multiple jumplinks) Destination Selectors (for finding and redirecting to pages containing legacy location information) Timed Activation (activate and/or deactivate jumplinks at specific times) 404-Monitor (for creating jumplinks based on 404 hits) Additionally, the following features may come in handy:
      Stale jumplink management Legacy domain support for slow migrations An importer (from CSV or ProcessRedirects) Feedback & Feature Requests
      I’d love to know what you think of this module. Please provide some feedback on the module as a whole, or even regarding smaller things that make it whole. Also, please feel free to submit feature requests and their use-cases.
      Note: Features requested so far have been added to the to-do list, and will be added to 2.0, and not the current dev/master branches.
      Open Source

      Jumplinks is an open-source project, and is free to use. In fact, Jumplinks will always be open-source, and will always remain free to use. Forever. If you would like to support the development of Jumplinks, please consider making a small donation via PayPal.
      Enjoy! :)
×
×
  • Create New...