| # |
Dec 29th 2018, 16:39 |
 admad |
There's crud-users plugin too :) |
| # |
Dec 29th 2018, 16:36 |
NickBusey |
I have a CRUD API fully working, just not login/register |
| # |
Dec 29th 2018, 16:36 |
NickBusey |
I am using both :) |
| # |
Dec 29th 2018, 16:36 |
admad |
NickBusey: I suggest checking out Crud plugin and it's ApiListener. I makes developing APIs quite easier |
| # |
Dec 29th 2018, 16:23 |
NickBusey |
Yea guess I'll just rip out CakeDC/users, it's nice to get up and running quick, but I've already had a ton of redirect loop problems as well as now this API incompatibility |
| # |
Dec 29th 2018, 16:08 |
challgren |
Just dont forget to update your routes |
| # |
Dec 29th 2018, 16:08 |
NickBusey |
Cool I may try that.. thanks |
| # |
Dec 29th 2018, 16:05 |
challgren |
And I didnt want logout to completely logout the user |
| # |
Dec 29th 2018, 16:04 |
challgren |
@nickbusey I had to do it with my logout function because I do impersonate users https://audit-app.gitlab.io/website/src/Controller/PagesController.php.html#108 |
| # |
Dec 29th 2018, 16:04 |
itmpls |
way more control over everything |
| # |
Dec 29th 2018, 16:04 |
itmpls |
that's what I do |
| # |
Dec 29th 2018, 16:02 |
challgren |
https://github.com/CakeDC/users/blob/master/src/Controller/Traits/LoginTrait.php |
| # |
Dec 29th 2018, 16:01 |
challgren |
Or just use your own custom controllers and the traits provided |
| # |
Dec 29th 2018, 16:01 |
NickBusey |
Alright, well I'll submit a pull request to CakeDC/users to remove the part where they say they support APIs |
| # |
Dec 29th 2018, 16:00 |
challgren |
Yeah maybe not relying on CaekDC/users controllers might be a solution for @nickbusey |
| # |
Dec 29th 2018, 16:00 |
admad |
@challgren then might be good idea to not use it if can't be disabled :) |
| # |
Dec 29th 2018, 15:59 |
NickBusey |
Yea, I've been going through that. I have JWT working with the other resources |
| # |
Dec 29th 2018, 15:59 |
admad |
NickBusey: http://www.bravo-kernel.com/2015/04/how-to-add-jwt-authentication-to-a-cakephp-3-rest-api/ |
| # |
Dec 29th 2018, 15:59 |
NickBusey |
Martin`: Yup! |
| # |
Dec 29th 2018, 15:58 |
challgren |
@admad CakeDC/users enables its https://github.com/CakeDC/users/blob/master/src/Controller/AppController.php#L32 |
| # |
Dec 29th 2018, 15:58 |
Martin` |
NickBusey: ok, so nicest is to build something like remember but with fallback to cache when callable returns false :P |
| # |
Dec 29th 2018, 15:57 |
admad |
The fact that it is looking for _Token means you do have it enabled |
| # |
Dec 29th 2018, 15:57 |
NickBusey |
All the rest of my API works, user api fails |
| # |
Dec 29th 2018, 15:57 |
NickBusey |
I'm not? I have disabled them both |
| # |
Dec 29th 2018, 15:57 |
admad |
Nor csrf component/middleware |
| # |
Dec 29th 2018, 15:56 |
admad |
Don't use securitysecomponent for api |
| # |
Dec 29th 2018, 15:56 |
challgren |
@admad https://cakesf.slack.com/archives/C053DPNGT/p1546097289329500 |
| # |
Dec 29th 2018, 15:56 |
NickBusey |
I have disabled the Security component, but it seems to be used anyway for the CakeDC/users login function |
| # |
Dec 29th 2018, 15:55 |
NickBusey |
Because when I submit the login form, I get errors about missing _Token's, and csrf protection |
| # |
Dec 29th 2018, 15:55 |
admad |
NickBusey: "I should 100% be able to present a native login screen in whatever client type I am working with, submit a request, and get a token back" what's preventing you from doing that? |
| # |
Dec 29th 2018, 15:53 |
admad |
That will trigger the jsonn view being used just like it does for .json extension |
| # |
Dec 29th 2018, 15:52 |
admad |
@k4t add "Accept: application/json" header to request |
| # |
Dec 29th 2018, 15:52 |
NickBusey |
I should 100% be able to present a native login screen in whatever client type I am working with, submit a request, and get a token back. Having to load a webview or whatever is a hacky workaround |
| # |
Dec 29th 2018, 15:52 |
NickBusey |
I don't really agree that is the issue, that is the specific problem I'm running into now, but it shouldn't be. Expecting an API client and API server to be on the same port/domain is not a reasonable assumption |
| # |
Dec 29th 2018, 15:51 |
challgren |
The different ports/domains are where you run into issues |
| # |
Dec 29th 2018, 15:51 |
challgren |
Cause you could log the user in with cake and then dump them into your react app and continue on |
| # |
Dec 29th 2018, 15:51 |
NickBusey |
Martin`: `remember` just provides some simplicity/magic around Cache::read / Cache::write, use those directly |
| # |
Dec 29th 2018, 15:50 |
challgren |
Well with the different ports that is causing your auth issues |
| # |
Dec 29th 2018, 15:50 |
Martin` |
but that is not possible with remember I quess? |
| # |
Dec 29th 2018, 15:50 |
NickBusey |
Well react isn't really the issue here, native apps would need the same functionality |
| # |
Dec 29th 2018, 15:49 |
NickBusey |
Martin`: Sure, just add a bit in the error handler of the api request, to load specifically from the cache what you saved on the last successful request |