Just integrated JBackend, have a few questions.
Less
More
-
Posts: 3194
-
Thank you received: 441
-
-
8 years 11 months ago - 8 years 11 months ago #4523
by admin
Hi,
it depends on the plugin to support GET, POST or JSON payload. If you look at the last user plugin code, you will see that the actionLogin now supports also JSON payload:
if ($json_login)
{
// Get the input data as JSON
$json = new JInputJSON;
$json_data = json_decode($json->getRaw(), true);
}
$credentials = array();
$credentials['username'] = (isset($json_data)) ? $json_data['username'] : $app->input->getString('username');
$credentials['password'] = (isset($json_data)) ? $json_data['password'] : $app->input->getString('password');
So in this example I decided to add support for JSON payloads but to preserve also the old GET/POST support.
You don't need to change existing modules (just use them as documented on this site), but for your custom module you can choose the way you prefer.
Anyway, thanks for header API key support, I think is a great suggestion and it will be an existing feature of the next version.
Kind regards,
Luigi
Last edit: 8 years 11 months ago by admin.
Please Log in or Create an account to join the conversation.
-
jingato
-
Topic Author
-
Offline
-
New Member
-
Less
More
-
Posts: 12
-
Thank you received: 0
-
-
8 years 11 months ago #4524
by jingato
Hi Luigi,
thanks for the reply. Do you have any idea what could be causing the issue of only being able to use multipart/form-data or x-www-form-urlencoded as opposed to application/json and using the raw json data? It would need to be able to support that. I noticed that your example postman collection has querys that do use applicatio/json and raw json data and it does work with them. Could it be the version of Joomla I am on? I have the latest version, just installed the other day. Could it be a server setting? I don't quite understand why it wouldn't work, but it just comes through like there is no post data.
Thanks,
John
Please Log in or Create an account to join the conversation.
-
jingato
-
Topic Author
-
Offline
-
New Member
-
Less
More
-
Posts: 12
-
Thank you received: 0
-
-
8 years 11 months ago #4525
by jingato
oh, and in case you're interested, regarding the api key in the header. I realized that I could use a dash instead of an underscore and the server converts it to an underscore. So I changed my header to api-key and then checked it using
$app->input->server->getString('HTTP_API_KEY');
Please Log in or Create an account to join the conversation.
Less
More
-
Posts: 3194
-
Thank you received: 441
-
-
8 years 11 months ago #4526
by admin
Hi John,
as I told you not all functions support the JSON payload, and this is why not all functions in the postman collection has a json example. Maybe in the future this support will be extended to all functions of all plugins.
Kind regards,
Luigi
Please Log in or Create an account to join the conversation.
-
jingato
-
Topic Author
-
Offline
-
New Member
-
Less
More
-
Posts: 12
-
Thank you received: 0
-
-
8 years 11 months ago #4527
by jingato
I'm sorry, I completely missed the part where you created the JInputJSON object. I will not using any of your included plugins, but rather I am writing my own. I also implemented a more secure key management system using 2 UUID's any encrypted the UUID stored in the database. The second UUID should be used as a key to decrypt the UUID from the database which then gets compared against the first UUID. The second UUID also doesn't need to be stored in the database since it is based off of some internal data. It seems to work pretty well. I'm sure it's not quite secure as jwt something similar, but it is a nice in between and was quick to implement. If you're interested, i used
This
for the UUID generation and
This
for the encryption/decryption
regards
John
Please Log in or Create an account to join the conversation.
Less
More
-
Posts: 3194
-
Thank you received: 441
-
-
8 years 11 months ago #4528
by admin
Thanks for sharing with us your enhancements, and I will be glad to replicate something similar in jBackend too.
Some things I still don't understand is how this couple of UUID are better than an unique random key generated on server side, why a couple instead of a single UUID, and why encrypt the database value.
Kind regards
Luigi
Please Log in or Create an account to join the conversation.
Time to create page: 0.181 seconds