- Posts: 12
- Thank you received: 0
×
Requests and support related to jBackend.
Just integrated JBackend, have a few questions.
- jingato
- Topic Author
- Offline
- New Member
-
Less
More
8 years 11 months ago #4517
by jingato
Just integrated JBackend, have a few questions. was created by jingato
Hi,
I just purchased a subscription, downloaded JBackend and integrated into my site. I'm now trying to get it setup and tested using your helloworld plugin before moving forward and creating my own. Here are the questions I have.
1) In regards to the api keys. Are they guaranteed to be unique or is it possible they can produce the same key twice?
2) Is it possible to send the api key in the header rather than as a parameter? That seems to be the recommended way to pass an api key from what I am finding online.
3) Taking that a step further, would something like jason web tokens we able to to be used instead?
4) I'm trying to use the helloworld plugin as a text on my site. It works if I make the menu item "free", but when I set it to api key I can't get in. I am using sef urls and would prefer to provide them to my clients that way. For the helloworld test I am entering my the url into postman as mydomain/web-api/get/helloword/greeting. Where do I put the api key while still keeping a sef url and using get. Note, I will most likely be using posts for my custom api, however, the option for get would be nice and the helloworld demo only works with get requests.
5) Regarding posts, I tried modifying the helloworld plugin to test with a post and adding the api key, but it still just returns saying api key required. I am using the url as mydomain/web-api/post/helloworld/greeting. In postman I added the form data as key = api_key and value = mykey. I also tried adding it as json using { "api_key":"mykey" } but still just returned error code "REQ_AKR" API key required. Not even that it was an incorrect key, but as if I didn't even supply one. The one I am adding is valid though.
6) I need to provide a live api and a sandbox api. Should this be done with 2 different api keys or should it be done with different urls?
7) I noticed in postman if I put in an invalid url by accident, which is easy to do, I get back the entire joomla page html. Is there any way to prevent this and always return a json error instead? Note, I only want this to be when using the api, the website still needs to work as expected. Could it somehow be done using a subdomain to access the api?
Thank you
John
I just purchased a subscription, downloaded JBackend and integrated into my site. I'm now trying to get it setup and tested using your helloworld plugin before moving forward and creating my own. Here are the questions I have.
1) In regards to the api keys. Are they guaranteed to be unique or is it possible they can produce the same key twice?
2) Is it possible to send the api key in the header rather than as a parameter? That seems to be the recommended way to pass an api key from what I am finding online.
3) Taking that a step further, would something like jason web tokens we able to to be used instead?
4) I'm trying to use the helloworld plugin as a text on my site. It works if I make the menu item "free", but when I set it to api key I can't get in. I am using sef urls and would prefer to provide them to my clients that way. For the helloworld test I am entering my the url into postman as mydomain/web-api/get/helloword/greeting. Where do I put the api key while still keeping a sef url and using get. Note, I will most likely be using posts for my custom api, however, the option for get would be nice and the helloworld demo only works with get requests.
5) Regarding posts, I tried modifying the helloworld plugin to test with a post and adding the api key, but it still just returns saying api key required. I am using the url as mydomain/web-api/post/helloworld/greeting. In postman I added the form data as key = api_key and value = mykey. I also tried adding it as json using { "api_key":"mykey" } but still just returned error code "REQ_AKR" API key required. Not even that it was an incorrect key, but as if I didn't even supply one. The one I am adding is valid though.
6) I need to provide a live api and a sandbox api. Should this be done with 2 different api keys or should it be done with different urls?
7) I noticed in postman if I put in an invalid url by accident, which is easy to do, I get back the entire joomla page html. Is there any way to prevent this and always return a json error instead? Note, I only want this to be when using the api, the website still needs to work as expected. Could it somehow be done using a subdomain to access the api?
Thank you
John
Please Log in or Create an account to join the conversation.
- jingato
- Topic Author
- Offline
- New Member
-
Less
More
- Posts: 12
- Thank you received: 0
8 years 11 months ago #4518
by jingato
Replied by jingato on topic Just integrated JBackend, have a few questions.
ok, I ran some more tests and I can't seem to retrieve any values from the request whatsoever. I tried changing the helloworlds onRequestHelloWorld function to look like this.
I tried adding the key "test" to the json body of the request and to the header but this the response I get
So it seems like I am able to get the default data that is defined in the url (action and resource), but nothing else. What could be causing this?
John
jBackendHelper::moduleStack($status, 'helloworld');
$app = JFactory::getApplication();
$action = $app->input->getString('action');
$resource = $app->input->getString('resource');
$test = $app->input->getString('test');
$response['status'] = 'ok';
$response['message'] = 'test var is ' . $test;
$response['action'] = $action;
$response['resource'] = $resource;
return trueI tried adding the key "test" to the json body of the request and to the header but this the response I get
{
"status": "ok",
"message": "test var is ",
"action": "post",
"resource": "greeting"
}So it seems like I am able to get the default data that is defined in the url (action and resource), but nothing else. What could be causing this?
John
Please Log in or Create an account to join the conversation.
- jingato
- Topic Author
- Offline
- New Member
-
Less
More
- Posts: 12
- Thank you received: 0
8 years 11 months ago #4519
by jingato
Replied by jingato on topic Just integrated JBackend, have a few questions.
Even wierder is is I make the url www.mydomain.com/web-api/post/helloworld/greeting?test=testinurl
the output looks like
Why am I able to add variables to the url even when it is sent as a post? Something doesn't seem right about that. Is this a bug? But either way, I am able to get data from the url, but not the post data regardless of how I send it.
the output looks like
{
"status": "ok",
"message": "test var is testinurl",
"action": "post",
"resource": "greeting"
}Why am I able to add variables to the url even when it is sent as a post? Something doesn't seem right about that. Is this a bug? But either way, I am able to get data from the url, but not the post data regardless of how I send it.
Please Log in or Create an account to join the conversation.
- jingato
- Topic Author
- Offline
- New Member
-
Less
More
- Posts: 12
- Thank you received: 0
8 years 11 months ago #4520
by jingato
Replied by jingato on topic Just integrated JBackend, have a few questions.
UPDATE:
I found a way to get both the test post data and the api key working with post data, but not completely. It turns out I can only use the form tab (multipart/form-data) or x-www-form-urlencoded. I cannot use the Raw tab with application/json. I tried a few other rest testing applications to make sure it wasn't postman and they all had the same result. So question is, why can I not use json? I would prefer to use json and not being able to could cause issues down the road. Also, I would still prefer to put the api key in the header. Is it possible, even if I have to edit the jBackend source code?
I found a way to get both the test post data and the api key working with post data, but not completely. It turns out I can only use the form tab (multipart/form-data) or x-www-form-urlencoded. I cannot use the Raw tab with application/json. I tried a few other rest testing applications to make sure it wasn't postman and they all had the same result. So question is, why can I not use json? I would prefer to use json and not being able to could cause issues down the road. Also, I would still prefer to put the api key in the header. Is it possible, even if I have to edit the jBackend source code?
Please Log in or Create an account to join the conversation.
- jingato
- Topic Author
- Offline
- New Member
-
Less
More
- Posts: 12
- Thank you received: 0
8 years 11 months ago #4521
by jingato
Replied by jingato on topic Just integrated JBackend, have a few questions.
Ok, I figured out how to get the key from the header by usingNote that I had to remove the _and just set it as apikey or it would not show up in the array. api-key would not either.
$app->input->server->getString('HTTP_APIKEY')Please Log in or Create an account to join the conversation.
- admin
-
- Offline
- Administrator
-
Less
More
- Posts: 3194
- Thank you received: 441
8 years 11 months ago #4522
by admin
Replied by admin on topic Just integrated JBackend, have a few questions.
Hi,
this is the answer to the first topic (others not readed yet).
No. Key is unique at db level.
You can pass with GET and POST. At the moment the header is not supported yet, but I will add it in the next version.
The header support will be enough in addition to GET and POST.
See answer 2.
The API key is checked at component level (before to pass control to plugins) and is read with:
$api_key = $app->input->getString('api_key');
So it could be GET and POST. It will be very easy to add the header support.
As you prefer. Decision is up to you (same features and security level).
jBackend uses standard Joomla router. So if you call a wrong base URL, Joomla will not route the request to jBackend. If you want a Joomla site dedicated to jBackend, then you can force requests to jBackend (e.g. with .htaccess or ReDJ).
Kind regards,
Luigi
this is the answer to the first topic (others not readed yet).
1) In regards to the api keys. Are they guaranteed to be unique or is it possible they can produce the same key twice?
No. Key is unique at db level.
2) Is it possible to send the api key in the header rather than as a parameter? That seems to be the recommended way to pass an api key from what I am finding online.
You can pass with GET and POST. At the moment the header is not supported yet, but I will add it in the next version.
3) Taking that a step further, would something like jason web tokens we able to to be used instead?
The header support will be enough in addition to GET and POST.
4) I'm trying to use the helloworld plugin as a text on my site. It works if I make the menu item "free", but when I set it to api key I can't get in. I am using sef urls and would prefer to provide them to my clients that way. For the helloworld test I am entering my the url into postman as mydomain/web-api/get/helloword/greeting. Where do I put the api key while still keeping a sef url and using get. Note, I will most likely be using posts for my custom api, however, the option for get would be nice and the helloworld demo only works with get requests.
See answer 2.
5) Regarding posts, I tried modifying the helloworld plugin to test with a post and adding the api key, but it still just returns saying api key required. I am using the url as mydomain/web-api/post/helloworld/greeting. In postman I added the form data as key = api_key and value = mykey. I also tried adding it as json using { "api_key":"mykey" } but still just returned error code "REQ_AKR" API key required. Not even that it was an incorrect key, but as if I didn't even supply one. The one I am adding is valid though.
The API key is checked at component level (before to pass control to plugins) and is read with:
$api_key = $app->input->getString('api_key');
So it could be GET and POST. It will be very easy to add the header support.
6) I need to provide a live api and a sandbox api. Should this be done with 2 different api keys or should it be done with different urls?
As you prefer. Decision is up to you (same features and security level).
7) I noticed in postman if I put in an invalid url by accident, which is easy to do, I get back the entire joomla page html. Is there any way to prevent this and always return a json error instead? Note, I only want this to be when using the api, the website still needs to work as expected. Could it somehow be done using a subdomain to access the api?
jBackend uses standard Joomla router. So if you call a wrong base URL, Joomla will not route the request to jBackend. If you want a Joomla site dedicated to jBackend, then you can force requests to jBackend (e.g. with .htaccess or ReDJ).
Kind regards,
Luigi
Please Log in or Create an account to join the conversation.
Time to create page: 0.164 seconds