JSON admin API
Forum rules
Always add your Laravel, Aimeos and PHP version as well as your environment (Linux/Mac/Win)
Spam and unrelated posts will be removed immediately!
Always add your Laravel, Aimeos and PHP version as well as your environment (Linux/Mac/Win)
Spam and unrelated posts will be removed immediately!
JSON admin API
Hello,
I'm trying to use the Admin/JSONAPI but when I make the OPTIONS request (with BASIC auth in my header), I'm redirected to the login page.
Also request to .../admin/default/jsonadm/product display "The page has expired due to inactivity".
If I add the Middleware AuthenticateOnceWithBasicAuth and modify my route :
'jsonadm' => ['prefix' => 'admin/{site}/jsonadm', 'middleware' => ['web', 'auth.basic']],
Now when I make the OPTIONS request I get Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException: This action is unauthorized.
Thanks in advance for your help,
Bernard
Version : PHP 7.0.22 Ubuntu 16.04
Laravel Framework 5.5.13
Aimeos : ~2017.07
I'm trying to use the Admin/JSONAPI but when I make the OPTIONS request (with BASIC auth in my header), I'm redirected to the login page.
Also request to .../admin/default/jsonadm/product display "The page has expired due to inactivity".
If I add the Middleware AuthenticateOnceWithBasicAuth and modify my route :
'jsonadm' => ['prefix' => 'admin/{site}/jsonadm', 'middleware' => ['web', 'auth.basic']],
Now when I make the OPTIONS request I get Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException: This action is unauthorized.
Thanks in advance for your help,
Bernard
Version : PHP 7.0.22 Ubuntu 16.04
Laravel Framework 5.5.13
Aimeos : ~2017.07
Re: JSON admin API
Hello,
I fixed the problem with unauthorized access by adding my user to "admin" group and changing this :
'jsonadm' => ['prefix' => 'admin/{site}/jsonadm', 'middleware' => ['web', 'auth.basic']]
to this :
'jsonadm' => ['prefix' => 'admin/{site}/jsonadm', 'middleware' => ['web', 'auth.basic.once']]
But I still have a problem when I make a request to /admin/default/jsonadm/product ("The page has expired due to inactivity").
Thanks for your help.
Bernard
I fixed the problem with unauthorized access by adding my user to "admin" group and changing this :
'jsonadm' => ['prefix' => 'admin/{site}/jsonadm', 'middleware' => ['web', 'auth.basic']]
to this :
'jsonadm' => ['prefix' => 'admin/{site}/jsonadm', 'middleware' => ['web', 'auth.basic.once']]
But I still have a problem when I make a request to /admin/default/jsonadm/product ("The page has expired due to inactivity").
Thanks for your help.
Bernard
Re: JSON admin API
Laravel requires a CSRF token for all DELETE/PATCH/POST operations. You will get a new one with every response in the meta section of the JSON REST API:
In jQuery, add it to the JSON URL like this:
Code: Select all
"csrf": {
"name": "_token",
"value": "eSEetvzK8Lh4UgKoKDifUyi6Fy48zGvYk0tcc7eC"
}
Code: Select all
if(response['meta']['csrf']) {
var csrf = {};
csrf[response['meta']['csrf']['name']] = response['meta']['csrf']['value'];
url += (url.indexOf('?') === -1 ? '?' : '&') + $.param(csrf);
}
Professional support and custom implementation are available at Aimeos.com
If you like Aimeos, give us a star
If you like Aimeos, give us a star
Re: JSON admin API
Hello,
Now I have another problem linked to the JSONadm.
Since I enable base auth for json admin rest, when I go in the admin I always have the basic auth login popup.
Can you help me please?
Thanks,
Now I have another problem linked to the JSONadm.
Since I enable base auth for json admin rest, when I go in the admin I always have the basic auth login popup.
Can you help me please?
Thanks,
Re: JSON admin API
You should not use basic HTTP auth for Jsonadm because of that. Chose another way of authentication and pass the Laravel cookie with each request so Larvel knows you are authenticated.
Professional support and custom implementation are available at Aimeos.com
If you like Aimeos, give us a star
If you like Aimeos, give us a star