Jump to content
thomasaull

Module: RestApi

Recommended Posts

@pmichaelis If the error is thrown in line 131 it's likeley there is an error with the JWT Authorization. Maybe the Token you're submitting is not valid, maybe something else. Hard to tell with the little information you provided.

Oh, just noticed you already mentioned the JWT Auth… 🙂 Probably the error is produced in those 4 lines:

$secret = wire('modules')->RestApi->jwtSecret;
$token = str_replace('Bearer', '', $authHeader);
$token = trim($token);
$decoded = JWT::decode($token, wire('modules')->RestApi->jwtSecret, array('HS256'));

if the secret is in your config and you didn't change it, I'd check if the token gets transmitted properly with the request.

Share this post


Link to post
Share on other sites
5 hours ago, thomasaull said:

@pmichaelis If the error is thrown in line 131 it's likeley there is an error with the JWT Authorization. Maybe the Token you're submitting is not valid, maybe something else. Hard to tell with the little information you provided.

@thomasaull It seems that the authorisation headers are not present.

Added the following line to the htaccess:

RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

auth headers are stored in following variable

$_SERVER['REDIRECT_HTTP_AUTHORIZATION'];

Please don't ask why.

Share this post


Link to post
Share on other sites

@pmichaelis I'm gonna ask anyway: Why? 😉

Seems like a weird server config, but I could add this to the variables the module checks by default.

  • Like 1
  • Haha 1

Share this post


Link to post
Share on other sites
On 2/28/2019 at 3:17 PM, eelkenet said:

Here is the final cleaned-up and more secure 'api' template that I am using in between the RestApi router and ProCache, perhaps it can be of some help:

 

I ran into issues with a slow server using this method, where wireHttp would already resolve a result while RestApi was still running.
So with help from my co-worker @harmvandeven we came up with a more stable version, with some more redundancy: 
 

<?php

/*

    api.php, a simple PW template to fill the gap between the RestApi and ProCache modules
    v2

    @author: @eelkenet, with help from @harmvandeven & @ryan

    1. Create a template called 'api' and set it up using the following settings:
    - Allow URL segments
    - Allow guests to view the page
    - Set the Content-Type to application/json
    - Make sure to NOT Prepend or Append any files

    2. Add a page using this template and allow ProCache to run its magic

*/

$timeout = 600;
$maxAttempts = 10;

// Pre-check for unwanted symbols
if (strpos($input->urlSegmentStr(), '.') !== false) {
    throw new Wire404Exception();
}

// Build request URL
$endpoint = $modules->get("RestApi")->endpoint;
$url = $input->scheme() . "://" . $config->httpHost . "/" . $endpoint ."/" . $input->urlSegmentStr();

$http = new WireHttp();

// Set a high timeout, to deal with a slow server
$http->setTimeout($timeout);

// Get the HTTP status of the page, to make sure it exists in the first place
$status = $http->status($url);

// If the page exists, or possibly redirects to valid content
if ($status >= 200 && $status < 400) {

    $result = false;
    $attempt = 0;

    // If the result isn't a string, something went wrong
    while(gettype($result) !== "string" && $attempt++ < $maxAttempts) {

        $result = $http->get($url);
        if ($attempt > 1) wire()->log->message("Loading content at $url, attempt $attempt: " . gettype($result));
    }

    // Double check if the data is a string..
    if (gettype($result) === "string"){

        // .. And check if it can be decoded, if so: return the data and thus cache it
        if (json_decode($result) !== NULL) return $result;

        // If it cannot be decoded: throw exception (don't cache it)
        throw new WireException("Found the data at $url, but it could not be decoded. Please check your API output!");
    }

    // Throw exception if data could not be loaded in time (don't cache it)
    throw new WireException("Found the data at $url, but could not load it in time, after $attempt attempts. Result has type: " . gettype($result));

}

// Throw generic exception if the requested page was not found or there was another error
throw new WireException("Failed to load the content at: $url, with HTTP status: " . $status);

 

 

 

  • Like 4

Share this post


Link to post
Share on other sites

Hi

I've just installed this module (processwire version 3.0.123) but I can't get anything off a connection. I tried a clean install without any modules activated and have the some problem. Is there anything that has to be installed to be able to get a response? I'm developing on a local environment of xampp and tried it on a mac os environment with mamp aswell.

I tested it on a production environment (online hosting) and there it is working. I'm guessing it has something to do with the local servers. Anybody has an idea what should be activated?

Thanks in advance

Share this post


Link to post
Share on other sites

@thibaultvdb It's a bit difficult to help from here. One thing you could try is to go through the code in Router.php and return or exit early to find out until where the code runs. The main functions are "go()" and "handle()". Another idea is to compare php settings between your hosted and local environment with "phpinfo()". If you can isolate the issue it's much easier to help.

  • Like 1

Share this post


Link to post
Share on other sites
13 hours ago, thomasaull said:

@thibaultvdb It's a bit difficult to help from here. One thing you could try is to go through the code in Router.php and return or exit early to find out until where the code runs. The main functions are "go()" and "handle()". Another idea is to compare php settings between your hosted and local environment with "phpinfo()". If you can isolate the issue it's much easier to help.

The main functions are all going like they should. I tried comparing the php info like you said but those files are huge so hard to compare them and find out what is missing/wrong. Is there a localhost software you recommend that is working? Friends that have mamp pro don't have the issue but using mamp/xampp does give me the 404. It's strange that I don't get errors, only a 404 page.

If I can provide you anything please let me know since serverside issue's aren't my best area of working.

Share this post


Link to post
Share on other sites

@thibaultvdb 

I think that by default on XAMPP your ProcessWire installation is in a subdir, and I bet that the module is giving you as api endpoint something like : /subdir/api instead of the /api endpoint. 

You should ask your friends to help you to setup your localhost environment to use a domain like  http://mylocalwebsite.local

To get started, you can follow the second answer here https://stackoverflow.com/questions/16229126/using-domain-name-instead-of-localhost-in-with-https-in-xampp

or follow this tutorial to use AcrylicDNS (the best solution IMO, do not be afraid, it's really easy to setup) https://www.ottorask.com/blog/automated-apache-virtual-hosts-on-windows/

 

Good luck.

  • Like 3

Share this post


Link to post
Share on other sites

@thibaultvdb If what @flydev says is the case and you're trying to access your website inside a subdirectory you could also try to adjust the path for the api in the module settings. Maybe it'll work 🙂

Share this post


Link to post
Share on other sites

@flydev I must say you are the savior of the day. The reason was indeed that xampp is putting "localhost" in front of the site url.
In my case this was "localhost/sitename" the RestApi module probably didn't understand this sitename url what gave me 404-pages all the time.

@thomasaull You mentioned that maybe this could be fixed through the settings of the module. Could you give an example of a path?
Maybe it's usefull to add a option to the module or something that notifies the user if it is using localhost or to automatically prefix this with localhost? I don't think I will be the only one that uses the localhost prefix 😛 

Thanks for the help already! Hopefully there is a possibility to handle this in the settings so I don't have to use these virtual hosts. Or maybe look at the processwire config? The processwire handles this localhost prefix perfectly.

Share this post


Link to post
Share on other sites

@thibaultvdb In the module settings there is an input for "API Endpoint" — can you try to change the value there to "localhost/api" and report back if this works for you?

  • Like 1

Share this post


Link to post
Share on other sites

@thomasaull changing the api endpoint didn't solve it (I tried a few things already). I solved it by using the virtual host for this project but for the future and others a localhost sollution would be lovely!
If I can provide anything more, please tell me!

Share this post


Link to post
Share on other sites

@thibaultvdb I need to check this, since I think (when I remember it properly) I put this option in specifically for this use-case. If you want to fiddle around try making it work or you know/want to figure out how ProcessWire does this automatically feel free 🙂 Otherwise I can't really make any promise when I'm going to be able to look into this

Share this post


Link to post
Share on other sites

Hello,
I have a clean blank install of latest dev version of Processwire. When I install your module, the backend stops working.

Share this post


Link to post
Share on other sites

@Hurme

Did you check your server error logs for hints? Or site/assets/logs/ ?

First of all, you could try to delete everything in site/assets/cache/modules/. 

If that doesn't work, rename the REST API module: prepend a dot (.modulename).

Share this post


Link to post
Share on other sites

@dragan Hi, I've left the office and wont be back until next week, but I'll see if deleting the cache has any effect. There were no errors in the log files, just your usual "Saved module X". Of course deleting the module itself resolves the crashing issue, but then you can't really use the module.

Share this post


Link to post
Share on other sites

Recently a user of this module had the problem that some multi-language fields weren't working correctly.kno After some investigation I discovered, that the hook this module uses (it's a "before ProcessPageView::execute") kicks in to early for the multi-language plugins to be ready. Does anyone knows of a hook, which can do something similar (basically take over the default routing of ProcessWire) while still have the other modules loaded?

One alternative approach for this specific problem would be to not trigger the module via a hook but with an own template and page like the old RestApiProfile did. A couple of benefits would come for free aswell (these are my assumptions, not tested yet):

  • ProCache should work without any workarounds
  • Multi-Language works
  • Websites in subdirectories (if working in ProcessWire in general) should work
  • site profile export would work if the /api folder lives in /templates by default

Any potential downsides I'm not seeing yet? Thoughts?

Share this post


Link to post
Share on other sites

I wrote an api-module a few years ago, where the module generated a custom template (e.g. "api-page"), which could be used to create one or more endpoint-pages. To handle calls to these pages I used ProcessPageView::pageNotFound like @bernhard did:

$this->addHookBefore('ProcessPageView::pageNotFound', $this, 'handleApiRequest');
public function handleApiRequest(HookEvent $e) {
	$page = $e->arguments[0];

	if ($page->template === 'api-page') {
		// handle request here...
		$otherEvent = $e->arguments(0); // grab event provided to PageRender::renderPage
		$e->replace = true; // prevent PageRender::renderPage from being called
	}
}

It worked nice for me, but I cannot say if caching or multi-language works better in this hook. pageNotFound should be called later than execute, so there is a chance that it helps 🤷‍♂️

 
  • Like 4

Share this post


Link to post
Share on other sites

Hello everyone,
while building an app-interface for a page, I developed some changes and improvements to this module, which I made available as a pull request
But @thomasaull and I are not quite sure if it makes sense to transfer these basic changes into the main module as well. Therefore we would like to hear your opinion: What do you think of the new module version? Which features would be useful for you? 

I have developed several new features that allow the administration of Api accesses via the ProcessWire backend. I also revised the authentication and added a new Double-JWT option that works with long-lasting refresh and short-lived access-tokens.

New Features:

  • New menu item "Restapi" in the ProcessWire menu under "setup
  • Management of Api accesses (applications) outsourced to the new menu item
  • Apikeys now authorize api-access
  • Creation of multiple applications with different auth types possible
  • Double-JWT Authentication, renewable tokens
  • token-sessions can be viewed and deleted in the backend
  • Improved exception handling: Each endpoint can throw exceptions, which are then output with the appropriate HTTP status header and message.
  • Like 10

Share this post


Link to post
Share on other sites

I am using this module in all my install now (it's a modified version with Basic Auth implemented) and all these additions look super !  Looking into it this afternoon, I will give my opinion. Thanks guys for the hard work 👍

  • Like 1

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By horst
      Wire Mail SMTP

      An extension to the (new) WireMail base class that uses SMTP-transport

      This module integrates EmailMessage, SMTP and SASL php-libraries from Manuel Lemos into ProcessWire. I use this continously evolved libraries for about 10 years now and there was never a reason or occasion not to do so. I use it nearly every day in my office for automated composing and sending personalized messages with attachments, requests for Disposition Notifications, etc. Also I have used it for sending personalized Bulkmails many times.

      The WireMailSmtp module extends the new email-related WireMail base class introduced in ProcessWire 2.4.1 (while this writing, the dev-branch only).
       
      Here are Ryans announcement.



      Current Version 0.6.0
      Changelog: https://github.com/horst-n/WireMailSmtp/blob/master/CHANGELOG.md
      get it from the Modules Directory Install and Configure

      Download the module into your site/modules/ directory and install it.

      In the config page you fill in settings for the SMTP server and optionaly the (default) sender, like email address, name and signature.
      You can test the smtp settings directly there. If it says "SUCCESS! SMTP settings appear to work correctly." you are ready to start using it in templates, modules or bootstrap scripts.


      Usage Examples
      The simplest way to use it:
      $numSent = wireMail($to, $from, $subject, $textBody); $numSent = wireMail($to, '', $subject, $textBody); // or with a default sender emailaddress on config page This will send a plain text message to each recipient.
       
      You may also use the object oriented style:
      $mail = wireMail(); // calling an empty wireMail() returns a wireMail object $mail->to($toEmail, $toName); $mail->from = $yourEmailaddress; // if you don't have set a default sender in config // or if you want to override that $mail->subject($subject); $mail->body($textBody); $numSent = $mail->send(); Or chained, like everywhere in ProcessWire:
      $mail = wireMail(); $numSent = $mail->to($toEmail)->subject($subject)->body($textBody)->send(); Additionaly to the basics there are more options available with WireMailSmtp. The main difference compared to the WireMail BaseClass is the sendSingle option. With it you can set only one To-Recipient but additional CC-Recipients.
      $mail = wireMail(); $mail->sendSingle(true)->to($toEmail, $toName)->cc(array('person1@example.com', 'person2@example.com', 'person3@example.com')); $numSent = $mail->subject($subject)->body($textBody)->send(); The same as function call with options array:
      $options = array( 'sendSingle' => true, 'cc' => array('person1@example.com', 'person2@example.com', 'person3@example.com') ); $numSent = wireMail($to, '', $subject, $textBody, $options); There are methods to your disposal to check if you have the right WireMail-Class and if the SMTP-settings are working:
      $mail = wireMail(); if($mail->className != 'WireMailSmtp') { // Uups, wrong WireMail-Class: do something to inform the user and quit echo "<p>Couldn't get the right WireMail-Module (WireMailSmtp). found: {$mail->className}</p>"; return; } if(!$mail->testConnection()) { // Connection not working: echo "<p>Couldn't connect to the SMTP server. Please check the {$mail->className} modules config settings!</p>"; return; }  
      A MORE ADVANCED DEBUG METHOD!
      You can add some debug code into a template file and call a page with it:
      $to = array('me@example.com'); $subject = 'Wiremail-SMTP Test ' . date('H:i:s') . ' äöü ÄÖÜ ß'; $mail = wireMail(); if($mail->className != 'WireMailSmtp') { echo "<p>Couldn't get the right WireMail-Module (WireMailSmtp). found: {$mail->className}</p>"; } else { $mail->from = '--INSERT YOUR SENDER ADDRESS HERE --'; // <--- !!!! $mail->to($to); $mail->subject($subject); $mail->sendSingle(true); $mail->body("Titel\n\ntext text TEXT text text\n"); $mail->bodyHTML("<h1>Titel</h1><p>text text <strong>TEXT</strong> text text</p>"); $dump = $mail->debugSend(1); } So, in short, instead of using $mail->send(), use $mail->debugSend(1) to get output on a frontend testpage.
      The output is PRE formatted and contains the areas: SETTINGS, RESULT, ERRORS and a complete debuglog of the server connection, like this one:
       
      Following are a ...


      List of all options and features


      testConnection () - returns true on success, false on failures


      sendSingle ( true | false ) - default is false

      sendBulk ( true | false ) - default is false, Set this to true if you have lots of recipients (50+)


      to ($recipients) - one emailaddress or array with multiple emailaddresses

      cc ($recipients) - only available with mode sendSingle, one emailaddress or array with multiple emailaddresses

      bcc ($recipients) - one emailaddress or array with multiple emailaddresses

       
      from = 'person@example.com' - emailaddress, can be set in module config (called Sender Emailaddress) but it can be overwritten here

      fromName = 'Name Surname' - optional, can be set in module config (called Sender Name) but it can be overwritten here


      priority (3) - 1 = Highest | 2 = High | 3 = Normal | 4 = Low | 5 = Lowest

      dispositionNotification () or notification () - request a Disposition Notification


      subject ($subject) - subject of the message

      body ($textBody) - use this one alone to create and send plainText emailmessages

      bodyHTML ($htmlBody) - use this to create a Multipart Alternative Emailmessage (containing a HTML-Part and a Plaintext-Part as fallback)

      addSignature ( true | false ) - the default-behave is selectable in config screen, this can be overridden here
      (only available if a signature is defined in the config screen)

      attachment ($filename, $alternativeBasename = "") - add attachment file, optionally alternative basename


      send () - send the message(s) and return number of successful sent messages


      debugSend(1) - returns and / or outputs a (pre formatted) dump that contains the areas: SETTINGS, RESULT, ERRORS and a complete debuglog of the server connection. (See above the example code under ADVANCED DEBUG METHOD for further instructions!)


      getResult () - returns a dump (array) with all recipients (to, cc, bcc) and settings you have selected with the message, the message subject and body, and lists of successfull addresses and failed addresses,


      logActivity ($logmessage) - you may log success if you want

      logError ($logmessage) - you may log warnings, too. - Errors are logged automaticaly
       
       
      useSentLog (true | false) - intended for usage with e.g. third party newsletter modules - tells the send() method to make usage of the sentLog-methods - the following three sentLog methods are hookable, e.g. if you don't want log into files you may provide your own storage, or add additional functionality here

      sentLogReset ()  - starts a new LogSession - Best usage would be interactively once when setting up a new Newsletter

      sentLogGet ()  - is called automaticly within the send() method - returns an array containing all previously used emailaddresses

      sentLogAdd ($emailaddress)  - is called automaticly within the send() method
      Changelog: https://github.com/horst-n/WireMailSmtp/blob/master/CHANGELOG.md
       
       
    • By Cybermano
      Food Allergens Module
      A simple List of Food Allergens
      My needs were to provide a simple list of food allergens for our clients with restaurant related activity.
      The idea was to simply output the list (to speed up the data entry) without leaving the food menu editing, eg. opening another page in new tab or window.
      This isn't a perfect solution, but it works fine for my needs and I decided to share the base idea.
      This could also be easily used to show little notes or short "vademecum", not only for the list of food allergens.
      ---
      Main features
      The basis
      All moves from a short editing of the module in this tutorial: How to create custom admin pages by @bernhard
      First of all it creates an empty admin page, with a dedicated permission to let safe-user to see it (this permission has to be created as a new ones, manually or by the module).
      Once the page is created, I have hooked its behaviour into the ready.php, to show the content (basically a list).
      A step further
      With the tips of  @bernhard, @Soma (and many others), see here , the magic happens. 
      The new page will be shown as a panel, so editors will not abandon their data entry to have a quick view to the list.
      A little further
      Why scroll to the top of the page to click a link?
      The next step was to create a sticky button only in the food menu pages.
      Again with a @bernhard tip I moved into the customization of this simple module and the related hook.
      ---
      How to use this module
      After installed, it creates the page /admin/page/allergens/ and the module is to be setted up. The first field is a CKEditor with multi-language. This is the place where to write the informations that will be shown into the page. The next field is a simply text-area where to place a bit of JS that will be appended to the markup of the text (omit the 'script' tags). I also putted a checkbox with a silly statement: this to think at least twice on the safety of the written JS. Now comes the first way to display the link to the page
      Field Note with Link. Enable and save it. The module will display a new row with 4 selects (1 standard and 3 ASM):
      View mode (to show the page as Panel or as Modal PopUp); Templates to select: select one or more and save before proceed, so the  asm-select of the pages will be populated showing all the pages of the selected templates. Pages to select: also here select at least one and save before proceed to populate the asm-select for fields only with the ones that belong to the selected pages. Select the fields where to place the note and save again. That's all: now you will find into the notes of the selected fields the link "See the List of Allergens".
      At the same way, the option for the sticky button, but with a plus
      The field select is obviously unnecessary, but you could play with the last row: the inline styles to fix your sticky button where you like. Here you could set the sticky position of the <div> and the absolute ones of the <a>.

      Video Explanation
      In these screencasts you could see a custom JS that show a "copy" button near a "hanna-code" call.
      This because I've set a specific one for each allergen to show up a tooltip in the front end.

      Registrazione #33.mp4  

      Registrazione #34.mp4 ---
      Last but not the least
      Actually it works fine for my needs, even if it's much improvable: I'm working on the permissions creation, the uninstall section, a separate configs and defaults and how to include the hook into the module leaving free the ready.php. According to a simpler uninstall. Also I would make the link text as a dynamic text field, so it will be more flexible.
      I always learn a lot here, so I would share my code for whom it could be interested.
      I removed the hanna code references, but I provide you the html list of the allergens, English and Italian too, so you can paste them into the "source" of the CKEditor field to have a ready to use module.
      Obviously you are free to modify the code as per your needs.
      Please, keep in mind that I'm not a pro coder and I beg your pardon for my verbosity (speaking and coding). 😉
      I hope be helpful or for inspiration.
      Bye
      ready.phpList-ITA.htmlList-ENG.htmlAllergens.module
      README.md
    • By Robin S
      This module is sort of an upgrade to my earlier ImageToMarkdown module, and might be useful to anyone working with Markdown in ProcessWire.
      Copy Markdown
      Adds icons to images and files that allow you to copy a Markdown string to the clipboard. When you click the icon a message at the top left of the screen notifies you that the copying has occurred.
      Screencast

      Note: in the screencast an EasyMDE inputfield is used to preview the Markdown. It's not required to use EasyMDE - an ordinary textarea field could be used.
      Usage: Images
      When you hover on an item in an Images field an asterisk icon appears on the thumbnail. Click the icon to copy an image Markdown string to clipboard. If the "Description" field is populated it is used as the alt text.
      You can also open the "Variations" modal for an image and click the asterisk icon to copy an image Markdown string for an individual variation.
      Usage: Files
      When you hover on an item in a Files field an asterisk icon appears next to the filename. Click the icon to copy a link Markdown string to the clipboard. If the "Description" field is populated it is used as the link text, otherwise the filename is used.
       
      https://github.com/Toutouwai/CopyMarkdown
      https://processwire.com/modules/copy-markdown/
    • By BitPoet
      I've realized that I've been jumping back and forth between the PW API docs and the source code for site modules far too much. The idea to hold all necessary documentation locally in one place has occurred to me before, but getting PHPDocumentor et al set up and running reliably (and producing readable output) as always been too much of a hassle. Today I was asked how I find the right hooks and their arguments, and that inspired me to finally get my backside down on the chair and whip something up, namely the
      Module Api Doc Viewer
      ProcessModuleApiDoc
      It lets you browse the inline documentation and public (optionally also protected) class/method/property information for all modules, core classes and template files in the ProcessWire instance. The documentation is generated on the fly, so you don't have to remember to update your docs whenever you update a module.
      The module is quite fresh, so expect some bugs there. Behind the scenes it uses PHP-Parser together with a custom class that extracts the information I needed, and the core TextformatterMarkdownExtra module for rendering the description part in the phpdoc style comments.
      This is not a replacement / competitor to the API Viewer included in the commercial ProDevTools package. There is quite some information included in the inline documentation that my module can't (and won't) parse, but which makes up parts of the official ProcessWire API docs.
      This, instead, is a kind of Swiss army knife to view PHPDoc style information and get a quick class or function reference.
      If you feel daring and want to give it a spin, or if you just want to read a bit more, visit the module's GitHub repository.
      This is the overview page under "Setup" -> "Module API Docs":

      And this is what the documentation for an individual class looks like:

      The core module documentation can of course be found online, but it didn't make sense not to include them.
      Let me know what you think!

    • By tcnet
      File Manager for ProcessWire is a module to manager files and folders from the CMS backend. It supports creating, deleting, renaming, packing, unpacking, uploading, downloading and editing of files and folders. The integrated code editor ACE supports highlighting of all common programming languages.
      https://github.com/techcnet/ProcessFileManager

      Warning
      This module is probably the most powerful module. You might destroy your processwire installation if you don't exactly know what you doing. Be careful and use it at your own risk!
      ACE code editor
      This module uses ACE code editor available from: https://github.com/ajaxorg/ace

      Dragscroll
      This module uses the JavaScript dragscroll available from: http://github.com/asvd/dragscroll. Dragscroll adds the ability to drag the table horizontally with the mouse pointer.
      PHP File Manager
      This module uses a modified version of PHP File Manager available from: https://github.com/alexantr/filemanager
       
×
×
  • Create New...