Log message #4204020

# At Username Text
# Sep 18th 2019, 21:44 dereuromark what if you use /auth as path, and then set /login inside it etc?
# Sep 18th 2019, 21:42 daniel.upshaw I like to see `/auth/login` if possible
# Sep 18th 2019, 21:42 daniel.upshaw Yeah same
# Sep 18th 2019, 21:42 dereuromark but that doesnt sound like a good idea to me.
# Sep 18th 2019, 21:42 dereuromark ah, or maybe you indeed overwrite root
# Sep 18th 2019, 21:42 daniel.upshaw Hmmm
# Sep 18th 2019, 21:42 dereuromark the plugins root, including /auth
# Sep 18th 2019, 21:41 daniel.upshaw That's saying from the root, to use DashedRoutes as a fallback, right? But in the main app, since that fallbacks to DashedRoutes as well.... it never checks the plugin's fallback route
# Sep 18th 2019, 21:40 daniel.upshaw Even if I have ```Router::plugin( 'Auth', ['path' => '/'], function (RouteBuilder $routes) { $routes->fallbacks(DashedRoute::class); } );```
# Sep 18th 2019, 21:40 daniel.upshaw `plugins/Auth/src/Controller/AuthController.php` ... and a `login()` method.... it won't see `/auth/login`
# Sep 18th 2019, 21:39 daniel.upshaw So for example, I'm trying to learn the Authorization stuff, and I want it in a plugin.. Say I have plugins/Auth
# Sep 18th 2019, 21:38 dereuromark i dont follow. plugins use the apps by default, they inherit.
# Sep 18th 2019, 21:38 daniel.upshaw Might just make the Plugins use very specific routes, instead of leveraging DashedRoutes, if it won't be possible otherwise
# Sep 18th 2019, 21:37 daniel.upshaw Wellll, isn't it ideal to modularize the plugins?
# Sep 18th 2019, 21:36 dereuromark just make the plugin ignore its routes and set up plugin routes from your app, this way you can overwrite it.
# Sep 18th 2019, 21:32 daniel.upshaw Or otherwise I wonder if it's possible to check plugin routes before the main routes...
# Sep 18th 2019, 21:31 daniel.upshaw It seems that if the core app has `$routes->fallbacks(DashedRoute::class);`, then it doesn't pick up the `/:controller/:action` pattern from the root path
# Sep 18th 2019, 21:31 daniel.upshaw Any way to have a Plugin use `DashedRoutes` from the root path `/`, if the core app uses `$routes->fallbacks(DashedRoute::class);`?
# Sep 18th 2019, 20:32 ricksaccous I have no idea what you're currently using
# Sep 18th 2019, 20:31 noel So I'd have to create an action which listens for 'json-api' on the request and then manually construct json that shows the validation errors?
# Sep 18th 2019, 20:30 noel No, it's`422 Unprocessable Entity`
# Sep 18th 2019, 20:29 ricksaccous if not I think it's up to you to show the errors/etc
# Sep 18th 2019, 20:29 ricksaccous are you getting a 404?
# Sep 18th 2019, 20:28 noel ok cool. I'm trying to post to the json api and it's saying there are validation errors but not showing what they are?
# Sep 18th 2019, 20:25 ricksaccous then you can just get rid of the beforeFilter logic
# Sep 18th 2019, 20:24 ricksaccous https://book.cakephp.org/3.0/en/controllers/middleware.html#cross-site-request-forgery-csrf-middleware
# Sep 18th 2019, 20:24 ricksaccous yeah I'd say so
# Sep 18th 2019, 20:23 noel So I suppose I should register it only for non API prefixes?
# Sep 18th 2019, 20:22 noel Like this: ``` Router::scope('/', function (RouteBuilder $routes) { // Register scoped middleware for in scopes. $routes->registerMiddleware('csrf', new CsrfProtectionMiddleware([ 'httpOnly' => true, ])); ```
# Sep 18th 2019, 20:21 noel in the routes.php file
# Sep 18th 2019, 20:21 noel middleware
# Sep 18th 2019, 20:20 ricksaccous are you enabling it in the first place via routing or middleware?
# Sep 18th 2019, 20:20 noel Ok tx. Got that... now the CSRF error is back, even though it's disabled in the beforeFilter.
# Sep 18th 2019, 20:20 ricksaccous use Cake\Event\Event;
# Sep 18th 2019, 20:19 ricksaccous whatever it is
# Sep 18th 2019, 20:19 ricksaccous or use
# Sep 18th 2019, 20:19 ricksaccous you didn't import the class
# Sep 18th 2019, 20:19 noel Is that just scoping?
# Sep 18th 2019, 20:18 noel ok tx.. but then I get this error instead: `Declaration of App\Controller\AppController::beforeFilter(App\Controller\Event $event) should be compatible with Cake\Controller\Controller::beforeFilter(Cake\Event\Event $event) `
# Sep 18th 2019, 20:11 ricksaccous @noel disable CSRF for your Api
# Sep 18th 2019, 20:11 noel Hi all. I'm trying to use CrudJsonApi and I'm getting: `Error: CSRF token mismatch.` on a POST using Postman. Any idea how to fix that?