| # |
Sep 18th 2019, 21:44 |
 dereuromark |
what if you use /auth as path, and then set /login inside it etc? |
| # |
Sep 18th 2019, 21:42 |
daniel.upshaw |
I like to see `/auth/login` if possible |
| # |
Sep 18th 2019, 21:42 |
daniel.upshaw |
Yeah same |
| # |
Sep 18th 2019, 21:42 |
dereuromark |
but that doesnt sound like a good idea to me. |
| # |
Sep 18th 2019, 21:42 |
dereuromark |
ah, or maybe you indeed overwrite root |
| # |
Sep 18th 2019, 21:42 |
daniel.upshaw |
Hmmm |
| # |
Sep 18th 2019, 21:42 |
dereuromark |
the plugins root, including /auth |
| # |
Sep 18th 2019, 21:41 |
daniel.upshaw |
That's saying from the root, to use DashedRoutes as a fallback, right? But in the main app, since that fallbacks to DashedRoutes as well.... it never checks the plugin's fallback route |
| # |
Sep 18th 2019, 21:40 |
daniel.upshaw |
Even if I have ```Router::plugin( 'Auth', ['path' => '/'], function (RouteBuilder $routes) { $routes->fallbacks(DashedRoute::class); } );``` |
| # |
Sep 18th 2019, 21:40 |
daniel.upshaw |
`plugins/Auth/src/Controller/AuthController.php` ... and a `login()` method.... it won't see `/auth/login` |
| # |
Sep 18th 2019, 21:39 |
daniel.upshaw |
So for example, I'm trying to learn the Authorization stuff, and I want it in a plugin.. Say I have plugins/Auth |
| # |
Sep 18th 2019, 21:38 |
dereuromark |
i dont follow. plugins use the apps by default, they inherit. |
| # |
Sep 18th 2019, 21:38 |
daniel.upshaw |
Might just make the Plugins use very specific routes, instead of leveraging DashedRoutes, if it won't be possible otherwise |
| # |
Sep 18th 2019, 21:37 |
daniel.upshaw |
Wellll, isn't it ideal to modularize the plugins? |
| # |
Sep 18th 2019, 21:36 |
dereuromark |
just make the plugin ignore its routes and set up plugin routes from your app, this way you can overwrite it. |
| # |
Sep 18th 2019, 21:32 |
daniel.upshaw |
Or otherwise I wonder if it's possible to check plugin routes before the main routes... |
| # |
Sep 18th 2019, 21:31 |
daniel.upshaw |
It seems that if the core app has `$routes->fallbacks(DashedRoute::class);`, then it doesn't pick up the `/:controller/:action` pattern from the root path |
| # |
Sep 18th 2019, 21:31 |
daniel.upshaw |
Any way to have a Plugin use `DashedRoutes` from the root path `/`, if the core app uses `$routes->fallbacks(DashedRoute::class);`? |
| # |
Sep 18th 2019, 20:32 |
ricksaccous |
I have no idea what you're currently using |
| # |
Sep 18th 2019, 20:31 |
noel |
So I'd have to create an action which listens for 'json-api' on the request and then manually construct json that shows the validation errors? |
| # |
Sep 18th 2019, 20:30 |
noel |
No, it's`422 Unprocessable Entity` |
| # |
Sep 18th 2019, 20:29 |
ricksaccous |
if not I think it's up to you to show the errors/etc |
| # |
Sep 18th 2019, 20:29 |
ricksaccous |
are you getting a 404? |
| # |
Sep 18th 2019, 20:28 |
noel |
ok cool. I'm trying to post to the json api and it's saying there are validation errors but not showing what they are? |
| # |
Sep 18th 2019, 20:25 |
ricksaccous |
then you can just get rid of the beforeFilter logic |
| # |
Sep 18th 2019, 20:24 |
ricksaccous |
https://book.cakephp.org/3.0/en/controllers/middleware.html#cross-site-request-forgery-csrf-middleware |
| # |
Sep 18th 2019, 20:24 |
ricksaccous |
yeah I'd say so |
| # |
Sep 18th 2019, 20:23 |
noel |
So I suppose I should register it only for non API prefixes? |
| # |
Sep 18th 2019, 20:22 |
noel |
Like this: ``` Router::scope('/', function (RouteBuilder $routes) { // Register scoped middleware for in scopes. $routes->registerMiddleware('csrf', new CsrfProtectionMiddleware([ 'httpOnly' => true, ])); ``` |
| # |
Sep 18th 2019, 20:21 |
noel |
in the routes.php file |
| # |
Sep 18th 2019, 20:21 |
noel |
middleware |
| # |
Sep 18th 2019, 20:20 |
ricksaccous |
are you enabling it in the first place via routing or middleware? |
| # |
Sep 18th 2019, 20:20 |
noel |
Ok tx. Got that... now the CSRF error is back, even though it's disabled in the beforeFilter. |
| # |
Sep 18th 2019, 20:20 |
ricksaccous |
use Cake\Event\Event; |
| # |
Sep 18th 2019, 20:19 |
ricksaccous |
whatever it is |
| # |
Sep 18th 2019, 20:19 |
ricksaccous |
or use |
| # |
Sep 18th 2019, 20:19 |
ricksaccous |
you didn't import the class |
| # |
Sep 18th 2019, 20:19 |
noel |
Is that just scoping? |
| # |
Sep 18th 2019, 20:18 |
noel |
ok tx.. but then I get this error instead: `Declaration of App\Controller\AppController::beforeFilter(App\Controller\Event $event) should be compatible with Cake\Controller\Controller::beforeFilter(Cake\Event\Event $event) ` |
| # |
Sep 18th 2019, 20:11 |
ricksaccous |
@noel disable CSRF for your Api |
| # |
Sep 18th 2019, 20:11 |
noel |
Hi all. I'm trying to use CrudJsonApi and I'm getting: `Error: CSRF token mismatch.` on a POST using Postman. Any idea how to fix that? |