Jump to content

Module: RestApi


thomasaull

Recommended Posts

@Andy Uh, the first time I'm seeing this page. Where can I access it in the ProcessWire Backend? Is the module otherwise working for you? Regarding your question about file uploads: The module itself does not has an implementation for this case, basically it provides just a wrapper for your own functions. So in theory you should be able to create a route for a file upload and have your own function to accept the file and store it on the server. If you google "Processwire file upload" you should find some examples to get you started. I'm writing "in theory" because I haven't done it myself yet. If this approach fails, we can figure out what needs be changed in the module itself.

Link to comment
Share on other sites

@thomasaull

3 hours ago, thomasaull said:

Where can I access it in the ProcessWire Backend?

When you set up the site configuration. In file /site/config.php change the row to true and you will see backend debugging capabilities.

/*** SITE CONFIG *************************************************************************/

/**
 * Enable debug mode?
 *
 * Debug mode causes additional info to appear for use during dev and debugging.
 * This is almost always recommended for sites in development. However, you should
 * always have this disabled for live/production sites.
 *
 * @var bool
 *
 */
$config->debug = true;

 

Thanks for the answer on downloading the file in the Processwire. I don’t understand very well how API communication works. But your module perfectly illustrates this feature. I managed to transfer any information from the site through the API. But I can’t transfer a file through your module to site.
When we submit a file from the form, we have identifiers

<input type="file" name="uploadedFile[]" id="uploadedFile" multiple>

And we can find it in global wire('input') or  $_GET, $_POST. But in our case this is empty wire('input')->post->upload

Link to comment
Share on other sites

@thomasaull It seems I found what was the mistake. It was necessary to transfer the dispatch from Insomnia to the multipart format and set the file name. After that, in the $_FILES variable you can find all the data to get the file.

$_FILES Array(
[upfile]=>Array(
	[name]=>hot-pizza.jpeg
	[type]=>image/jpeg
	[tmp_name]=>/localhost/tmp/phptAUnX5
	[error]=>0
	[size]=>65639
	)
)

 

  • Like 2
Link to comment
Share on other sites

@thomasaull I continue to test this module which is very suitable for me.

JWT token. Problem with authorization.

Apache2 server and PHP 7.3.10. Can't auth and gives a message: No Authorization Header found' and code 400.

This is a problem in Router.php function private static function getAuthorizationHeader()

    $headers = array();
    foreach($_SERVER as $key => $value) {
      $headers[strtolower($key)] = $value;
    }

Where variable $_SERVER have no authorization variable. If you change this to a function, it will work.

    foreach(getallheaders() as $key => $value) {
		$headers[strtolower($key)] = $value;
    }

The following error occurs if you enter an invalid token.

{
  "error": "Error: Exception: Signature verification failed (in \/localhost\/site\/modules\/RestApi\/Router.php line 131)\n\n#0 \/localhost\/site\/modules\/RestApi\/Router.php(91): ProcessWire\\Router::handle('ProcessWire\\\\Exa...', 'getUser', Object(stdClass), Array)\n#1 \/localhost\/site\/modules\/RestApi\/RestApi.module(50): ProcessWire\\Router::go()\n#2 \/localhost\/wire\/core\/WireHooks.php(924): ProcessWire\\RestApi->checkIfApiRequest(Object(ProcessWire\\HookEvent))\n#3 \/localhost\/wire\/core\/Wire.php(450): ProcessWire\\WireHooks->runHooks(Object(ProcessWire\\ProcessPageView), 'execute', Array)\n#4 \/localhost\/index.php(61): ProcessWire\\Wire->__call('execute', Array)\n#5 {main}. File: \/localhost\/index.php:70"
}

It seems to me that it would be right to replace Router.php line 131 with code 500

      catch (\Throwable $e)
      {
        throw new \Exception($e->getMessage());
      }

Can be replaced by

      catch (\Throwable $e)
      {
        self::displayError('Signature verification failed', 400);
      }       

This will be more correct, as the token error is a request syntax error and this is code 400.

Link to comment
Share on other sites

@Andy I think for the getallheaders() function it'd make sense to keep the old way aswell and just search in both for the Authorization Header (If I remember correctly, the getallheaders() function wasn't available in all environments. In case you create a PR we can discuss the details there 🙂 Basically you need to fork the repository, push your changes and then create a PR on the github website

Link to comment
Share on other sites

@thomasaull Array merging may help

	$headers = array();
    $header_variables = array_merge($_SERVER, getallheaders());
    foreach($header_variables as $key => $value) {
      $headers[strtolower($key)] = $value;
    }

Since you require in your module PHP>=7.2.0, ProcessWire>=3.0.98
The getallheaders() function is definitely present.

  • Like 1
Link to comment
Share on other sites

  • 2 weeks later...

Another problem with RestAPI. When loading large files, an error occurs.
In the backend everything is fine, a 300 MB file is loaded normally.
The problem only occurs when testing through Insomnia or Postman with files larger than 15 mb.
We managed to solve the problem. It is necessary to include AJAX in the file properties.

        $ul = wire(new WireUpload($formName));
        $ul->setValidExtensions(['mp4', 'avi', '3gp']);
        $ul->setMaxFiles(1);
        $ul->setMaxFileSize(100 * 1000000); // 100 MB
        $ul->setOverwrite(true);
        $ul->setDestinationPath($p_path);
        $ul->setLowercase(true);
        $ul->setAllowAjax(true);
        $files = $ul->execute();

 

  • Like 2
Link to comment
Share on other sites

Hi @Orkun, at the moment there is not built-in way for such a use case. However I guess it's really easy to do with a ProcessWire Hook which can be independet of the API, you'd just need to run the hook on the endpoint-url and check the IP with PHP there. If you want to restrict access to specific routes of the API only, I'd probably run the same checks in the endpoint function.

  • Like 2
Link to comment
Share on other sites

  • 3 weeks later...
On 3/20/2020 at 10:21 AM, thomasaull said:

Hi @Orkun, at the moment there is not built-in way for such a use case. However I guess it's really easy to do with a ProcessWire Hook which can be independet of the API, you'd just need to run the hook on the endpoint-url and check the IP with PHP there. If you want to restrict access to specific routes of the API only, I'd probably run the same checks in the endpoint function.

I tried this by creating a init.php file insdie /site/ with this content in it, but the go method of the router class from your RestApi.module is still executed.

<?php 

require_once wire('config')->paths->RestApi . "/Router.php";

$this->addHookBefore('ProcessPageView::execute', function(HookEvent $event) {
    
    $url = wire('sanitizer')->url(wire('input')->url);
    
    // support / in endpoint url:
    $endpoint = str_replace("/", "\/", wire('modules')->RestApi->endpoint);

    $regex = '/^\/'.$endpoint.'\/?.*/m';
    preg_match($regex, $url, $matches);

    $hasAccess = array(
        '178.192.77.1'
    );

    if($matches) {
        $event->replace = true;
        if(in_array($_SERVER['REMOTE_ADDR'], $hasAccess)){
            wire('log')->save("sso-debug", "Access granted for ".$_SERVER['REMOTE_ADDR']);
            Router::go();
        } else {
            wire('log')->save("sso-debug", "Access denied for ".$_SERVER['REMOTE_ADDR']);
            throw new \Exception("Access denied!", 400);
        }  
    }
});

What can I do?

KR
Orkun

Link to comment
Share on other sites

1 hour ago, Orkun said:

I tried this by creating a init.php file insdie /site/ with this content in it, but the go method of the router class from your RestApi.module is still executed.


<?php 

require_once wire('config')->paths->RestApi . "/Router.php";

$this->addHookBefore('ProcessPageView::execute', function(HookEvent $event) {
    
    $url = wire('sanitizer')->url(wire('input')->url);
    
    // support / in endpoint url:
    $endpoint = str_replace("/", "\/", wire('modules')->RestApi->endpoint);

    $regex = '/^\/'.$endpoint.'\/?.*/m';
    preg_match($regex, $url, $matches);

    $hasAccess = array(
        '178.192.77.1'
    );

    if($matches) {
        $event->replace = true;
        if(in_array($_SERVER['REMOTE_ADDR'], $hasAccess)){
            wire('log')->save("sso-debug", "Access granted for ".$_SERVER['REMOTE_ADDR']);
            Router::go();
        } else {
            wire('log')->save("sso-debug", "Access denied for ".$_SERVER['REMOTE_ADDR']);
            throw new \Exception("Access denied!", 400);
        }  
    }
});

What can I do?

KR
Orkun

Ok this works for me now:

require_once wire('config')->paths->RestApi . "Router.php";

$this->addHookBefore('ProcessPageView::execute', function(HookEvent $event) {

    $url = wire('sanitizer')->url(wire('input')->url);
    
    // support / in endpoint url:
    $endpoint = str_replace("/", "\/", wire('modules')->RestApi->endpoint);

    $regex = '/^\/'.$endpoint.'\/?.*/m';
    preg_match($regex, $url, $matches);

    $hasAccess = array(
      '178.192.77.1'
    );

    if($matches) {
        if(!in_array($_SERVER['REMOTE_ADDR'], $hasAccess)){
            wire('log')->save("sso-debug", "Access denied for ".$_SERVER['REMOTE_ADDR']);
            http_response_code(403);
            exit;
        }
        $event->replace = true;
    }

}, [ 'priority' => 99 ]);

I have added the priority option and set it to 99 so that it gets executed before your hook in RestApi Module.

KR
Orkun

  • Like 2
Link to comment
Share on other sites

  • 1 month later...

@thomasaull 
hey i got this weird issue
that i installed the module and basically i can't even get the /api/users route to work
it didn't create any folders so i copied from modulex\RestApi\apiTemplate everything into \site\api\

but still there is no possibility to be able to run /api/users

did i miss anything from the readme ? O.o

 

Link to comment
Share on other sites

Hey @blackeye, the easiest way to install the module to, in the ProcessWire backend, go to modules -> new and paste the module name "RestApi" in the input at "Add module from directory". After installing you usually don't need to copy any files!

Link to comment
Share on other sites

@thomasaull jeah that didn't worked
i found out what is or was wrong

i have my processwire on a subroute 

http://myserver.de/customerPw/ <-

so the hook in the RestApi.module couldn't work due to the regex only looking for /^ so my api would have been
http://myserver.de/customerPw/api
but only
http://myserver.de/api would have been allowed

i changed the regex to : $regex = '/\/' . $endpoint . '\/?.*/m';

but i am thinking if i am just trying to remove the host from the request
so the module can work properly

the next issue cam in the router.php

where the /api/ part is removed from the request
so my request is now customerPw/users/ which cannot be found aswell

i was thinking okay i can just add the prefix to the routes.php
but then it doesn't work for users for some reason, couldn't find out why

next step will be removing the hostname or changing the api route to /customerPw/api
i think this might be adressed in the readme if someone like me uses multiple pw instances on one server


 

Link to comment
Share on other sites

  • 2 months later...

Hey everyone,

there is a new module AppApi available which is based on my original RestApi module but has some additional features which are really cool! I have been struggling to find time for the RestApi module over the course of the last 1+ year, so I'm really glad @Sebi is stepping in and doing work in this area. I think it would be a good idea, to see AppApi as a successor of the RestApi module and put all focus and development efforts there.

What do you guys think?

  • Like 4
  • Thanks 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Similar Content

    • By MarkE
      This fieldtype and inputfield bundle was built for storing measurement values within a field, rendering them in a variety of formats and converting them to other units or otherwise modifying them via the API.
      The API consists of a number of predefined functions, some of which include...
      render() for rendering the measurement object, valueAs() for converting the value to another unit value, convertTo() for converting the whole measurement object to different units, and add() and subtract() for for modifying the stored value by the value (converted as required) in another measurement. In the admin the inputfield includes a checkbox (which can be optionally disabled) for converting values on page save. For an example if a value was typed in as centimeters, the unit was changed to metres, and the page saved with this checkbox selected, said value would be automatically converted so that e.g. 170 cm becomes 1.7 m.

      A simple length field using Fieldtype Measurement and Inputfield Measurement.
      Combination units (e.g. feet and inches) are also supported.
      Please note that this module is 'proof of concept' at the moment - there are limited units available and quite a lot of code tidying to do. More units will be added shortly.
      See the GitHub at https://github.com/MetaTunes/FieldtypeMeasurement for full details and updates.
    • By tcnet
      File Manager for ProcessWire is a module to manager files and folders from the CMS backend. It supports creating, deleting, renaming, packing, unpacking, uploading, downloading and editing of files and folders. The integrated code editor ACE supports highlighting of all common programming languages.
      https://github.com/techcnet/ProcessFileManager

      Warning
      This module is probably the most powerful module. You might destroy your processwire installation if you don't exactly know what you doing. Be careful and use it at your own risk!
      ACE code editor
      This module uses ACE code editor available from: https://github.com/ajaxorg/ace

      Dragscroll
      This module uses the JavaScript dragscroll available from: http://github.com/asvd/dragscroll. Dragscroll adds the ability to drag the table horizontally with the mouse pointer.
      PHP File Manager
      This module uses a modified version of PHP File Manager available from: https://github.com/alexantr/filemanager
       
    • By tcnet
      This module implements the website live chat service from tawk.to. Actually the module doesn't have to do much. It just need to inserted a few lines of JavaScript just before the closing body tag </body> on each side. However, the module offers additional options to display the widget only on certain pages.
      Create an account
      Visit https://www.tawk.to and create an account. It's free! At some point you will reach a page where you can copy the required JavaScript-code.

      Open the module settings and paste the JavaScript-code into the field as shown below. Click "Submit" and that's all.

      Open the module settings
      The settings for this module are located int the menu Modules=>Configure=>LiveChatTawkTo.

       
    • By tcnet
      Session Viewer is a module for ProcessWire to list session files and display session data. This module is helpful to display the session data of a specific session or to kick out a logged in user by simply delete his session file. After installation the module is available in the Setup menu.

      The following conditions must be met for the module to work properly:
      Session files
      Session data must be stored in session files, which is the default way in ProcessWire. Sessions stored in the database are not supported by this module. The path to the directory where the session files are stored must be declared in the ProcessWire configuration which is by default: site/assets/sessions.
      Serialize handler
      In order to transform session data easier back to a PHP array, the session data is stored serialized. PHP offers a way to declare a custom serialize handler. This module supports only the default serialize handlers: php, php_binary and php_serialize. WDDX was dropped in PHP 7.4.0 and is therefore not supported by this module as well as any other custom serialize handler. Which serialize handler is actually used you can find out in the module configuration which is available under Modules=>Configure=>SessionViewer.

      Session data
      The session data can be displayed in two different ways. PHP's default output for arrays print_r() or by default for this module nice_r() offered on github: https://github.com/uuf6429/nice_r. There is a setting in the module configuration if someone prefers print_r(). Apart from the better handling and overview of the folded session data the output of nice_r() looks indeed nicer.

      Links
      ProcessWire module directory
      github.com
    • By Robin S
      Repeater Easy Sort
      Adds a compact "easy-sort" mode to Repeater and Repeater Matrix, making those fields easier to sort when there are a large number of items.
      The module also enhances Repeater Matrix by allowing a colour to be set for each matrix type. This colour is used in the item headers and in the "add new" links, to help visually distinguish different matrix types in the inputfield.
      Screencasts
      A Repeater field

      A Repeater Matrix field with custom header colours

      Easy-sort mode
      Each Repeater/Matrix item gets an double-arrow icon in the item header. Click this icon to enter easy-sort mode.
      While in easy-sort mode:
      The items will reduce in width so that more items can be shown on the screen at once. The minimum width is configurable in the field settings. Any items that were in an open state are collapsed, but when you exit easy-sort mode the previously open items will be reopened. You can drag an item left/right/up/down to sort it within the items. The item that you clicked the icon for is shown with a black background. This makes it easier to find the item you want to move in easy-sort mode. You can click an item header to open the item. An "Exit easy-sort mode" button appears at the bottom of the inputfield. Configuration
      In the field settings for Repeater and Repeater Matrix fields you can define a minimum width in pixels for items in easy-sort mode. While in easy-sort mode the items will be sized to neatly fill the available width on any screen size but will never be narrower than the width you set here.
      In the field settings for Repeater Matrix you can define a custom header colour for each matrix type using an HTML "color" type input. The default colour for this type of input is black, so when black is selected in the input it means that no custom colour will be applied to the header.
      Exclusions
      The easy-sort mode is only possible on Repeater/Matrix fields that do not use the "item depth" option.
       
      https://github.com/Toutouwai/RepeaterEasySort
      https://processwire.com/modules/repeater-easy-sort/
×
×
  • Create New...