Log message #4171544

# At Username Text
# Dec 29th 2018, 15:41 challgren Seems a bit overkill
# Dec 29th 2018, 15:40 NickBusey so no, not really
# Dec 29th 2018, 15:40 NickBusey same site? not sure what you're asking exactly, they run on different ports if that's what you mean
# Dec 29th 2018, 15:40 NickBusey I'm using that to talk to cake
# Dec 29th 2018, 15:39 NickBusey https://preview.pro.ant.design/dashboard/analysis
# Dec 29th 2018, 15:39 challgren Is your react spa on the same site?
# Dec 29th 2018, 15:39 challgren it asks for an API key
# Dec 29th 2018, 15:39 challgren I was saying more look at the login on android
# Dec 29th 2018, 15:39 NickBusey I have no idea how android code works, no idea where to even start looking in that repo
# Dec 29th 2018, 15:37 NickBusey I really don't want to dump people back onto a cake app just to login and registor
# Dec 29th 2018, 15:37 NickBusey I am developing a responsive site, a React SPA
# Dec 29th 2018, 15:37 challgren Personally I would just develop a responsive site and use the API for native apps
# Dec 29th 2018, 15:35 challgren Check out how https://gitlab.com/Commit451/LabCoat does it on Android
# Dec 29th 2018, 15:34 NickBusey there could be a mobile app, a desktop app, a react web app, etc etc
# Dec 29th 2018, 15:34 challgren Seems overkill building native apps for each platform
# Dec 29th 2018, 15:34 challgren So you would have a app on the computer too?
# Dec 29th 2018, 15:34 NickBusey ok, that works one time, on one device. say they go over to computer 2 and want to login
# Dec 29th 2018, 15:34 birdy247 @dereuromark point taken
# Dec 29th 2018, 15:33 challgren that require Auth
# Dec 29th 2018, 15:33 challgren And use that on further calls
# Dec 29th 2018, 15:33 challgren Well when they register return the api key that you generate
# Dec 29th 2018, 15:33 NickBusey That kinda seems like the point of an API ;)
# Dec 29th 2018, 15:33 NickBusey They are going to register through the API too
# Dec 29th 2018, 15:33 challgren So how does the user register then? Or do you provide the login credentials?
# Dec 29th 2018, 15:32 NickBusey Hmmm.. well the way I'm designing this is there is no `web` interface for them to login with, everything is done through the api
# Dec 29th 2018, 15:31 challgren but the user would login via web and then get their api key
# Dec 29th 2018, 15:31 challgren Yes it is
# Dec 29th 2018, 15:31 NickBusey hmm, I thought the api key was per user, hence why it says this in the comments ` //db field where the key is stored`
# Dec 29th 2018, 15:31 challgren Well the api key you would know before you “login”
# Dec 29th 2018, 15:30 k4t yes, they are working but they are throwing exception about missing view template which is normal...
# Dec 29th 2018, 15:30 NickBusey right.. I am, but this is on initial login. wouldn't I need to query the db to get the token first?
# Dec 29th 2018, 15:30 challgren https://github.com/CakeDC/auth/blob/master/Docs/Documentation/ApiKeyAuthenticate.md
# Dec 29th 2018, 15:30 challgren Use a token
# Dec 29th 2018, 15:29 NickBusey challgren: Ok, well anyway to disable that? Not sure how to get an API working with the normal security stuff enabled
# Dec 29th 2018, 15:29 k4t I have to listeners enabled: Crud.Api and Crud.ApiQueryLog
# Dec 29th 2018, 15:29 NickBusey k4t: http://www.bravo-kernel.com/2015/04/how-to-prefix-route-a-cakephp-3-rest-api/
# Dec 29th 2018, 15:29 NickBusey k4t: with both the normal api and the json api enabled, normal links without the .json should work.
# Dec 29th 2018, 15:28 challgren @nickbusey it does reenable security when logging in
# Dec 29th 2018, 15:28 k4t well it is working like I said. but I want to change now behavior of links without .json extension. I would like ot make them work like links without .json at the end or just throw 404 on such url
# Dec 29th 2018, 15:28 NickBusey ection. Does the Users plugin set it's own security preferences?
# Dec 29th 2018, 15:28 NickBusey Hmm, I'm using the CakeDC/Users plugin as well, trying to get the auth flows to work through the API. All my other API flows work fine, but when I try users/login I get `'_Token' was not found in request data.`. If I disable the `validatePost` check in the SecurityComponent, I then get an error about CSRF tokens, but I've already disabled CSRF prot