# |
Dec 29th 2018, 15:40 |
NickBusey |
I'm using that to talk to cake |
# |
Dec 29th 2018, 15:39 |
NickBusey |
https://preview.pro.ant.design/dashboard/analysis |
# |
Dec 29th 2018, 15:39 |
challgren |
Is your react spa on the same site? |
# |
Dec 29th 2018, 15:39 |
challgren |
it asks for an API key |
# |
Dec 29th 2018, 15:39 |
challgren |
I was saying more look at the login on android |
# |
Dec 29th 2018, 15:39 |
NickBusey |
I have no idea how android code works, no idea where to even start looking in that repo |
# |
Dec 29th 2018, 15:37 |
NickBusey |
I really don't want to dump people back onto a cake app just to login and registor |
# |
Dec 29th 2018, 15:37 |
NickBusey |
I am developing a responsive site, a React SPA |
# |
Dec 29th 2018, 15:37 |
challgren |
Personally I would just develop a responsive site and use the API for native apps |
# |
Dec 29th 2018, 15:35 |
challgren |
Check out how https://gitlab.com/Commit451/LabCoat does it on Android |
# |
Dec 29th 2018, 15:34 |
NickBusey |
there could be a mobile app, a desktop app, a react web app, etc etc |
# |
Dec 29th 2018, 15:34 |
challgren |
Seems overkill building native apps for each platform |
# |
Dec 29th 2018, 15:34 |
challgren |
So you would have a app on the computer too? |
# |
Dec 29th 2018, 15:34 |
NickBusey |
ok, that works one time, on one device. say they go over to computer 2 and want to login |
# |
Dec 29th 2018, 15:34 |
birdy247 |
@dereuromark point taken |
# |
Dec 29th 2018, 15:33 |
challgren |
that require Auth |
# |
Dec 29th 2018, 15:33 |
challgren |
And use that on further calls |
# |
Dec 29th 2018, 15:33 |
challgren |
Well when they register return the api key that you generate |
# |
Dec 29th 2018, 15:33 |
NickBusey |
That kinda seems like the point of an API ;) |
# |
Dec 29th 2018, 15:33 |
NickBusey |
They are going to register through the API too |
# |
Dec 29th 2018, 15:33 |
challgren |
So how does the user register then? Or do you provide the login credentials? |
# |
Dec 29th 2018, 15:32 |
NickBusey |
Hmmm.. well the way I'm designing this is there is no `web` interface for them to login with, everything is done through the api |
# |
Dec 29th 2018, 15:31 |
challgren |
but the user would login via web and then get their api key |
# |
Dec 29th 2018, 15:31 |
challgren |
Yes it is |
# |
Dec 29th 2018, 15:31 |
NickBusey |
hmm, I thought the api key was per user, hence why it says this in the comments ` //db field where the key is stored` |
# |
Dec 29th 2018, 15:31 |
challgren |
Well the api key you would know before you “login” |
# |
Dec 29th 2018, 15:30 |
k4t |
yes, they are working but they are throwing exception about missing view template which is normal... |
# |
Dec 29th 2018, 15:30 |
NickBusey |
right.. I am, but this is on initial login. wouldn't I need to query the db to get the token first? |
# |
Dec 29th 2018, 15:30 |
challgren |
https://github.com/CakeDC/auth/blob/master/Docs/Documentation/ApiKeyAuthenticate.md |
# |
Dec 29th 2018, 15:30 |
challgren |
Use a token |
# |
Dec 29th 2018, 15:29 |
NickBusey |
challgren: Ok, well anyway to disable that? Not sure how to get an API working with the normal security stuff enabled |
# |
Dec 29th 2018, 15:29 |
k4t |
I have to listeners enabled: Crud.Api and Crud.ApiQueryLog |
# |
Dec 29th 2018, 15:29 |
NickBusey |
k4t: http://www.bravo-kernel.com/2015/04/how-to-prefix-route-a-cakephp-3-rest-api/ |
# |
Dec 29th 2018, 15:29 |
NickBusey |
k4t: with both the normal api and the json api enabled, normal links without the .json should work. |
# |
Dec 29th 2018, 15:28 |
challgren |
@nickbusey it does reenable security when logging in |
# |
Dec 29th 2018, 15:28 |
k4t |
well it is working like I said. but I want to change now behavior of links without .json extension. I would like ot make them work like links without .json at the end or just throw 404 on such url |
# |
Dec 29th 2018, 15:28 |
NickBusey |
ection. Does the Users plugin set it's own security preferences? |
# |
Dec 29th 2018, 15:28 |
NickBusey |
Hmm, I'm using the CakeDC/Users plugin as well, trying to get the auth flows to work through the API. All my other API flows work fine, but when I try users/login I get `'_Token' was not found in request data.`. If I disable the `validatePost` check in the SecurityComponent, I then get an error about CSRF tokens, but I've already disabled CSRF prot |
# |
Dec 29th 2018, 15:25 |
NickBusey |
as well as the JSON api* |
# |
Dec 29th 2018, 15:25 |
NickBusey |
It should work, do you have the normal API enabled as well? |
# |
Dec 29th 2018, 15:19 |
k4t |
poke @admad, @dereuromark, @neon1024 |