Jump to content

Module: RestApi


thomasaull

Recommended Posts

@Andy Uh, the first time I'm seeing this page. Where can I access it in the ProcessWire Backend? Is the module otherwise working for you? Regarding your question about file uploads: The module itself does not has an implementation for this case, basically it provides just a wrapper for your own functions. So in theory you should be able to create a route for a file upload and have your own function to accept the file and store it on the server. If you google "Processwire file upload" you should find some examples to get you started. I'm writing "in theory" because I haven't done it myself yet. If this approach fails, we can figure out what needs be changed in the module itself.

Link to comment
Share on other sites

@thomasaull

3 hours ago, thomasaull said:

Where can I access it in the ProcessWire Backend?

When you set up the site configuration. In file /site/config.php change the row to true and you will see backend debugging capabilities.

/*** SITE CONFIG *************************************************************************/

/**
 * Enable debug mode?
 *
 * Debug mode causes additional info to appear for use during dev and debugging.
 * This is almost always recommended for sites in development. However, you should
 * always have this disabled for live/production sites.
 *
 * @var bool
 *
 */
$config->debug = true;

 

Thanks for the answer on downloading the file in the Processwire. I don’t understand very well how API communication works. But your module perfectly illustrates this feature. I managed to transfer any information from the site through the API. But I can’t transfer a file through your module to site.
When we submit a file from the form, we have identifiers

<input type="file" name="uploadedFile[]" id="uploadedFile" multiple>

And we can find it in global wire('input') or  $_GET, $_POST. But in our case this is empty wire('input')->post->upload

Link to comment
Share on other sites

@thomasaull It seems I found what was the mistake. It was necessary to transfer the dispatch from Insomnia to the multipart format and set the file name. After that, in the $_FILES variable you can find all the data to get the file.

$_FILES Array(
[upfile]=>Array(
	[name]=>hot-pizza.jpeg
	[type]=>image/jpeg
	[tmp_name]=>/localhost/tmp/phptAUnX5
	[error]=>0
	[size]=>65639
	)
)

 

  • Like 2
Link to comment
Share on other sites

@thomasaull I continue to test this module which is very suitable for me.

JWT token. Problem with authorization.

Apache2 server and PHP 7.3.10. Can't auth and gives a message: No Authorization Header found' and code 400.

This is a problem in Router.php function private static function getAuthorizationHeader()

    $headers = array();
    foreach($_SERVER as $key => $value) {
      $headers[strtolower($key)] = $value;
    }

Where variable $_SERVER have no authorization variable. If you change this to a function, it will work.

    foreach(getallheaders() as $key => $value) {
		$headers[strtolower($key)] = $value;
    }

The following error occurs if you enter an invalid token.

{
  "error": "Error: Exception: Signature verification failed (in \/localhost\/site\/modules\/RestApi\/Router.php line 131)\n\n#0 \/localhost\/site\/modules\/RestApi\/Router.php(91): ProcessWire\\Router::handle('ProcessWire\\\\Exa...', 'getUser', Object(stdClass), Array)\n#1 \/localhost\/site\/modules\/RestApi\/RestApi.module(50): ProcessWire\\Router::go()\n#2 \/localhost\/wire\/core\/WireHooks.php(924): ProcessWire\\RestApi->checkIfApiRequest(Object(ProcessWire\\HookEvent))\n#3 \/localhost\/wire\/core\/Wire.php(450): ProcessWire\\WireHooks->runHooks(Object(ProcessWire\\ProcessPageView), 'execute', Array)\n#4 \/localhost\/index.php(61): ProcessWire\\Wire->__call('execute', Array)\n#5 {main}. File: \/localhost\/index.php:70"
}

It seems to me that it would be right to replace Router.php line 131 with code 500

      catch (\Throwable $e)
      {
        throw new \Exception($e->getMessage());
      }

Can be replaced by

      catch (\Throwable $e)
      {
        self::displayError('Signature verification failed', 400);
      }       

This will be more correct, as the token error is a request syntax error and this is code 400.

Link to comment
Share on other sites

@Andy I think for the getallheaders() function it'd make sense to keep the old way aswell and just search in both for the Authorization Header (If I remember correctly, the getallheaders() function wasn't available in all environments. In case you create a PR we can discuss the details there 🙂 Basically you need to fork the repository, push your changes and then create a PR on the github website

Link to comment
Share on other sites

@thomasaull Array merging may help

	$headers = array();
    $header_variables = array_merge($_SERVER, getallheaders());
    foreach($header_variables as $key => $value) {
      $headers[strtolower($key)] = $value;
    }

Since you require in your module PHP>=7.2.0, ProcessWire>=3.0.98
The getallheaders() function is definitely present.

  • Like 1
Link to comment
Share on other sites

  • 2 weeks later...

Another problem with RestAPI. When loading large files, an error occurs.
In the backend everything is fine, a 300 MB file is loaded normally.
The problem only occurs when testing through Insomnia or Postman with files larger than 15 mb.
We managed to solve the problem. It is necessary to include AJAX in the file properties.

        $ul = wire(new WireUpload($formName));
        $ul->setValidExtensions(['mp4', 'avi', '3gp']);
        $ul->setMaxFiles(1);
        $ul->setMaxFileSize(100 * 1000000); // 100 MB
        $ul->setOverwrite(true);
        $ul->setDestinationPath($p_path);
        $ul->setLowercase(true);
        $ul->setAllowAjax(true);
        $files = $ul->execute();

 

  • Like 2
Link to comment
Share on other sites

Hi @Orkun, at the moment there is not built-in way for such a use case. However I guess it's really easy to do with a ProcessWire Hook which can be independet of the API, you'd just need to run the hook on the endpoint-url and check the IP with PHP there. If you want to restrict access to specific routes of the API only, I'd probably run the same checks in the endpoint function.

  • Like 2
Link to comment
Share on other sites

  • 3 weeks later...
On 3/20/2020 at 10:21 AM, thomasaull said:

Hi @Orkun, at the moment there is not built-in way for such a use case. However I guess it's really easy to do with a ProcessWire Hook which can be independet of the API, you'd just need to run the hook on the endpoint-url and check the IP with PHP there. If you want to restrict access to specific routes of the API only, I'd probably run the same checks in the endpoint function.

I tried this by creating a init.php file insdie /site/ with this content in it, but the go method of the router class from your RestApi.module is still executed.

<?php 

require_once wire('config')->paths->RestApi . "/Router.php";

$this->addHookBefore('ProcessPageView::execute', function(HookEvent $event) {
    
    $url = wire('sanitizer')->url(wire('input')->url);
    
    // support / in endpoint url:
    $endpoint = str_replace("/", "\/", wire('modules')->RestApi->endpoint);

    $regex = '/^\/'.$endpoint.'\/?.*/m';
    preg_match($regex, $url, $matches);

    $hasAccess = array(
        '178.192.77.1'
    );

    if($matches) {
        $event->replace = true;
        if(in_array($_SERVER['REMOTE_ADDR'], $hasAccess)){
            wire('log')->save("sso-debug", "Access granted for ".$_SERVER['REMOTE_ADDR']);
            Router::go();
        } else {
            wire('log')->save("sso-debug", "Access denied for ".$_SERVER['REMOTE_ADDR']);
            throw new \Exception("Access denied!", 400);
        }  
    }
});

What can I do?

KR
Orkun

Link to comment
Share on other sites

1 hour ago, Orkun said:

I tried this by creating a init.php file insdie /site/ with this content in it, but the go method of the router class from your RestApi.module is still executed.


<?php 

require_once wire('config')->paths->RestApi . "/Router.php";

$this->addHookBefore('ProcessPageView::execute', function(HookEvent $event) {
    
    $url = wire('sanitizer')->url(wire('input')->url);
    
    // support / in endpoint url:
    $endpoint = str_replace("/", "\/", wire('modules')->RestApi->endpoint);

    $regex = '/^\/'.$endpoint.'\/?.*/m';
    preg_match($regex, $url, $matches);

    $hasAccess = array(
        '178.192.77.1'
    );

    if($matches) {
        $event->replace = true;
        if(in_array($_SERVER['REMOTE_ADDR'], $hasAccess)){
            wire('log')->save("sso-debug", "Access granted for ".$_SERVER['REMOTE_ADDR']);
            Router::go();
        } else {
            wire('log')->save("sso-debug", "Access denied for ".$_SERVER['REMOTE_ADDR']);
            throw new \Exception("Access denied!", 400);
        }  
    }
});

What can I do?

KR
Orkun

Ok this works for me now:

require_once wire('config')->paths->RestApi . "Router.php";

$this->addHookBefore('ProcessPageView::execute', function(HookEvent $event) {

    $url = wire('sanitizer')->url(wire('input')->url);
    
    // support / in endpoint url:
    $endpoint = str_replace("/", "\/", wire('modules')->RestApi->endpoint);

    $regex = '/^\/'.$endpoint.'\/?.*/m';
    preg_match($regex, $url, $matches);

    $hasAccess = array(
      '178.192.77.1'
    );

    if($matches) {
        if(!in_array($_SERVER['REMOTE_ADDR'], $hasAccess)){
            wire('log')->save("sso-debug", "Access denied for ".$_SERVER['REMOTE_ADDR']);
            http_response_code(403);
            exit;
        }
        $event->replace = true;
    }

}, [ 'priority' => 99 ]);

I have added the priority option and set it to 99 so that it gets executed before your hook in RestApi Module.

KR
Orkun

  • Like 2
Link to comment
Share on other sites

  • 1 month later...

@thomasaull 
hey i got this weird issue
that i installed the module and basically i can't even get the /api/users route to work
it didn't create any folders so i copied from modulex\RestApi\apiTemplate everything into \site\api\

but still there is no possibility to be able to run /api/users

did i miss anything from the readme ? O.o

 

Link to comment
Share on other sites

Hey @blackeye, the easiest way to install the module to, in the ProcessWire backend, go to modules -> new and paste the module name "RestApi" in the input at "Add module from directory". After installing you usually don't need to copy any files!

Link to comment
Share on other sites

@thomasaull jeah that didn't worked
i found out what is or was wrong

i have my processwire on a subroute 

http://myserver.de/customerPw/ <-

so the hook in the RestApi.module couldn't work due to the regex only looking for /^ so my api would have been
http://myserver.de/customerPw/api
but only
http://myserver.de/api would have been allowed

i changed the regex to : $regex = '/\/' . $endpoint . '\/?.*/m';

but i am thinking if i am just trying to remove the host from the request
so the module can work properly

the next issue cam in the router.php

where the /api/ part is removed from the request
so my request is now customerPw/users/ which cannot be found aswell

i was thinking okay i can just add the prefix to the routes.php
but then it doesn't work for users for some reason, couldn't find out why

next step will be removing the hostname or changing the api route to /customerPw/api
i think this might be adressed in the readme if someone like me uses multiple pw instances on one server


 

Link to comment
Share on other sites

  • 2 months later...

Hey everyone,

there is a new module AppApi available which is based on my original RestApi module but has some additional features which are really cool! I have been struggling to find time for the RestApi module over the course of the last 1+ year, so I'm really glad @Sebi is stepping in and doing work in this area. I think it would be a good idea, to see AppApi as a successor of the RestApi module and put all focus and development efforts there.

What do you guys think?

  • Like 4
  • Thanks 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By Robin S
      This module lets you add some custom menu items to the main admin menu, and you can set the dropdown links dynamically in a hook if needed.
      Sidenote: the module config uses some repeatable/sortable rows for the child link settings, similar to the ProFields Table interface. The data gets saved as JSON in a hidden textarea field. Might be interesting to other module developers?
      Custom Admin Menus
      Adds up to three custom menu items with optional dropdowns to the main admin menu.
      The menu items can link to admin pages, front-end pages, or pages on external websites.
      The links can be set to open in a new browser tab, and child links in the dropdown can be given an icon.
      Requires ProcessWire v3.0.178 or newer.
      Screenshots
      Example of menu items

      Module config for the menus

      Link list shown when parent menu item is not given a URL

      Advanced
      Setting child menu items dynamically
      If needed you can set the child menu items dynamically using a hook.
      Example:
      $wire->addHookAfter('CustomAdminMenus::getMenuChildren', function(HookEvent $event) { // The menu number is the first argument $menu_number = $event->arguments(0); if($menu_number === 1) { $colours = $event->wire()->pages->findRaw('template=colour', ['title', 'url', 'page_icon']); $children = []; foreach($colours as $colour) { // Each child item should be an array with the following keys $children[] = [ 'icon' => $colour['page_icon'], 'label' => $colour['title'], 'url' => $colour['url'], 'newtab' => false, ]; } $event->return = $children; } }); Create multiple levels of flyout menus
      It's also possible to create multiple levels of flyout submenus using a hook.

      For each level a submenu can be defined in a "children" item. Example:
      $wire->addHookAfter('CustomAdminMenus::getMenuChildren', function(HookEvent $event) { // The menu number is the first argument $menu_number = $event->arguments(0); if($menu_number === 1) { $children = [ [ 'icon' => 'adjust', 'label' => 'One', 'url' => '/one/', 'newtab' => false, ], [ 'icon' => 'anchor', 'label' => 'Two', 'url' => '/two/', 'newtab' => false, 'children' => [ [ 'icon' => 'child', 'label' => 'Red', 'url' => '/red/', 'newtab' => false, ], [ 'icon' => 'bullhorn', 'label' => 'Green', 'url' => '/green/', 'newtab' => false, 'children' => [ [ 'icon' => 'wifi', 'label' => 'Small', 'url' => '/small/', 'newtab' => true, ], [ 'icon' => 'codepen', 'label' => 'Medium', 'url' => '/medium/', 'newtab' => false, ], [ 'icon' => 'cogs', 'label' => 'Large', 'url' => '/large/', 'newtab' => false, ], ] ], [ 'icon' => 'futbol-o', 'label' => 'Blue', 'url' => '/blue/', 'newtab' => true, ], ] ], [ 'icon' => 'hand-o-left', 'label' => 'Three', 'url' => '/three/', 'newtab' => false, ], ]; $event->return = $children; } }); Showing/hiding menus according to user role
      You can determine which menu items can be seen by a role by checking the user's role in the hook.
      For example, if a user has or lacks a role you could include different child menu items in the hook return value. Or if you want to conditionally hide a custom menu altogether you can set the return value to false. Example:
      $wire->addHookAfter('CustomAdminMenus::getMenuChildren', function(HookEvent $event) { // The menu number is the first argument $menu_number = $event->arguments(0); $user = $event->wire()->user; // For custom menu number 1... if($menu_number === 1) { // ...if user does not have some particular role... if(!$user->hasRole('foo')) { // ...do not show the menu $event->return = false; } } });  
      https://github.com/Toutouwai/CustomAdminMenus
      https://processwire.com/modules/custom-admin-menus/
    • By tcnet
      This module for ProcessWire sends a notification email for each failed login attempt. Similar modules exists already in the module directory of ProcessWire. However, this module is designed to notify, even if specified user doesn't exist.
      Settings
      The settings for this module are located in the menu Modules=>Configure=>LoginFailNotifier.
      Notification email
      Specifies the email address to which the notification emails should be sent.
        Email subject
      Specifies the subject line for the notification email.
        Post variables
      Specifies the $_POST variables to be included in the notification email. Each variable must be separated by a comma. For example: login_name,login_pass
        Server variables
      Specifies the $_SERVER variables to be included in the notification email. Each variable must be separated by a comma. For example: REMOTE_ADDR,HTTP_USER_AGENT
      Link to ProcessWire module directory:
      https://processwire.com/modules/login-fail-notifier/
      Link to github.com:
      https://github.com/techcnet/LoginFailNotifier
    • By Fokke
      ProcessWire 3.x markup module for rendering meta tags in HTML document head section. Note that this module is not a full-blown SEO solution, but rather a simple tool for rendering meta tags based on module configuration. Adding custom meta tags is also supported.
      Built-in meta tags
      The following meta tags are supported out-of-the-box:
      Document title consisting of page title and site name Character set Canonical Viewport Description Keywords Hreflang tags Open Graph og:title og:site_name og:type og:url og:description og:image og:image:width og:image:height Twitter meta tags twitter:card twitter:site twitter:creator twitter:title twitter:description twitter:image Facebook meta tags fb:app_id The full documentation with configurable options can be found here: https://github.com/Fokke-/MarkupMetadata
       
      Requirements:
      ProcessWire>=3.0.0 PHP >=7.1 Installation using Composer
      composer require fokke/markup-metadata Manual installation
      Download latest version from https://github.com/Fokke-/MarkupMetadata/archive/master.zip Extract module files to site/modules/MarkupMetadata directory.
    • By m.sieber
      ITRK-Service for ProcessWire
      Module for the automated transfer of imprint, data protection declaration and terms and conditions from IT-Recht Kanzlei to your ProcessWire installation
      What is ITRK Service for ProcessWire?
      ITRK-Service for ProcessWire is a free module for ProcessWire CMS. It provides an interface to the update service of IT-Recht Kanzlei, via which the legal texts of your online presence are automatically updated. In this way, the texts remain legally secure and warning-proof in the long term. Imprint, data protection declaration, revocation and general terms and conditions are currently supported.
      You can find our documentation (in german language) here: https://www.pupit.de/itrk-service-for-processwire/dokumentation/

      Download: https://www.pupit.de/itrk-service-for-processwire/
      Github: https://github.com/pupit-de/pwItrkServiceConnector
    • By LuisM
      Symprowire is a PHP MVC Framework based and built on Symfony using ProcessWire 3.x as DBAL and Service-Provider
      It acts as a Drop-In Replacement Module to handle the Request/Response outside the ProcessWire Admin. Even tough Symfony or any other mature MVC Framework could be intimidating at first, Symprowire tries to abstract Configuration and Symfony Internals away as much as possible to give you a quick start and lift the heavy work for you.
      The main Goal is to give an easy path to follow an MVC Approach during development with ProcessWire and open up the available eco-system.
      You can find the GitHub Repo and more Information here: https://github.com/Luis85/symprowire
      Documentation
      The Symprowire Wiki https://github.com/Luis85/symprowire/wiki How to create a simple Blog with Symprowire https://github.com/Luis85/symprowire/wiki/Symprowire-Blog-Tutorial Last Update
      16.07.2021 // RC 1 v0.6.0 centralized ProcessWire access trough out the Application by wrapping to a Service https://github.com/Luis85/symprowire/releases/tag/v0.6.0-rc-1 Requirements
      PHP ^7.4 Fresh ProcessWire ^3.0.181 with a Blank Profile Composer 2 (v1 should work, not recommended) The usual Symfony Requirements Features
      Twig Dependency Injection Monolog for Symprowire Support for .env YAML Configuration Symfony Console and Console Commands Symfony Webprofiler Full ProcessWire access inside your Controller and Services Webpack Encore support Caveats
      Symfony is no small Framework and will come with a price in terms of Memory Usage and added Overhead. To give you a taste I installed Tracy Debugger alongside to compare ProcessWire profiling with the included Symfony Webprofiler

      So in a fresh install Symprowire would atleast add another 2MB of Memory usage and around 40ms in response time, should be less in production due to the added overhead of the Webprofiler in dev env
       
×
×
  • Create New...