User Unauthorised error
Forum rules
Always add your Aimeos and PHP version as well as your environment (Linux/Mac/Win)
Spam and unrelated posts will be removed immediately!
Always add your Aimeos and PHP version as well as your environment (Linux/Mac/Win)
Spam and unrelated posts will be removed immediately!
-
- Advanced
- Posts: 114
- Joined: 08 Nov 2019, 11:56
User Unauthorised error
Hello,
We are using laravel as backed and using JSONAPIs on mobile applications. We are having issue on user session + login. Right now, we are having two stores and two different apps are running on individual store.
As we have both store live, so we are getting issues on old store users. Some users are getting unauthorised error when they to login into system to place an order. How do we handle case? As we don't have option to update password for them from admin or via JSON APIs. How do we allow user to reset their password ? Or if we can update same thing on aimeos admin side then also it will be helpful.
THANKS IN ADVANCE
We are using laravel as backed and using JSONAPIs on mobile applications. We are having issue on user session + login. Right now, we are having two stores and two different apps are running on individual store.
As we have both store live, so we are getting issues on old store users. Some users are getting unauthorised error when they to login into system to place an order. How do we handle case? As we don't have option to update password for them from admin or via JSON APIs. How do we allow user to reset their password ? Or if we can update same thing on aimeos admin side then also it will be helpful.
THANKS IN ADVANCE
Re: User Unauthorised error
Don't think it's a password issue but it may be an issue that the customers aren't assigned to the correct site due to a wrong siteid value in the "users" table. Please check if that value matches with the site the customer should be able to log in.
Professional support and custom implementation are available at Aimeos.com
If you like Aimeos, give us a star
If you like Aimeos, give us a star
-
- Advanced
- Posts: 114
- Joined: 08 Nov 2019, 11:56
Re: User Unauthorised error
I dont think that site is the issue. If site is the issue, then it should return user not found.
But here, we are getting unauthorized error.
Thanks
But here, we are getting unauthorized error.
Thanks
-
- Advanced
- Posts: 114
- Joined: 08 Nov 2019, 11:56
Re: User Unauthorised error
How do we reset password for user, either via api or from admin?
Re: User Unauthorised error
In the admin backend, go to the Customer panel. In the detail view there's a password field for each customer.
Professional support and custom implementation are available at Aimeos.com
If you like Aimeos, give us a star
If you like Aimeos, give us a star
-
- Advanced
- Posts: 114
- Joined: 08 Nov 2019, 11:56
Re: User Unauthorised error
Thanks for the help. Issue is resolved
-
- Posts: 72
- Joined: 22 Mar 2021, 16:56
Re: User Unauthorised error
Hi, do you mind me asking how you are handling sessions?traiyani75 wrote: ↑30 Jan 2021, 19:45 Hello,
We are using laravel as backed and using JSONAPIs on mobile applications. We are having issue on user session + login. Right now, we are having two stores and two different apps are running on individual store.
As we have both store live, so we are getting issues on old store users. Some users are getting unauthorised error when they to login into system to place an order. How do we handle case? As we don't have option to update password for them from admin or via JSON APIs. How do we allow user to reset their password ? Or if we can update same thing on aimeos admin side then also it will be helpful.
THANKS IN ADVANCE
Obviously mobiles are stateless and creating baskets with no session is not possible.
TY
[edit]
Sorry, I should probably have said mobile "applications", ie. apps distributed via playstore or appstore.
-
- Advanced
- Posts: 114
- Joined: 08 Nov 2019, 11:56
Re: User Unauthorised error
hello, we have prepare api to get session token and save that token into cookies via okhttp lib method on android side. and same for ios.
So, whenever we start the application we are taking the latest token. By the time if token expired then aimeos will return new token, but if its not then we will get old token again. And once token will be retrieved we are checking the session with user. Either user is attached with the session or not (by calling custom details api end point). If it is attached with user , then API will return user details.
If API will not return any error, then we are doing login user API call again to attach user with session. Thanks
So, whenever we start the application we are taking the latest token. By the time if token expired then aimeos will return new token, but if its not then we will get old token again. And once token will be retrieved we are checking the session with user. Either user is attached with the session or not (by calling custom details api end point). If it is attached with user , then API will return user details.
If API will not return any error, then we are doing login user API call again to attach user with session. Thanks
-
- Posts: 72
- Joined: 22 Mar 2021, 16:56
Re: User Unauthorised error
Hi traiyani75,
I think we're doing the same thing. Your session token is perhaps the bearer token issued by a guard, eg. laravel sanctum?
I have no issue authenticating api requests, and/or as you mention retrieving the customers details.
My only issue right now, is similar to another post you created, is that my basket isn't persisting as it relies on sessions until stored. Because the basket is split into several requirements (addresses, services, products, coupons etc) I was hoping to split my requests into steps similar to the website.
Is it possible for you to share a little more on how you managed this please?
Thank you
I think we're doing the same thing. Your session token is perhaps the bearer token issued by a guard, eg. laravel sanctum?
I have no issue authenticating api requests, and/or as you mention retrieving the customers details.
My only issue right now, is similar to another post you created, is that my basket isn't persisting as it relies on sessions until stored. Because the basket is split into several requirements (addresses, services, products, coupons etc) I was hoping to split my requests into steps similar to the website.
Is it possible for you to share a little more on how you managed this please?
Thank you