# |
Apr 12th 2021, 10:47 |
neon1024 |
Seems it does! Must be some secret __call in the entity trait :thinking_face: |
# |
Apr 12th 2021, 10:45 |
neon1024 |
Just wondering if there is some secret magic in the background |
# |
Apr 12th 2021, 10:45 |
neon1024 |
Just a quick question. In Cake 3 accessing an entity property directly such as. `$example->thing` does that still use the `_getThing()` accessor method, or do I have to use `$example->get('thing')` ? |
# |
Apr 12th 2021, 09:56 |
me1367 |
That'll make it executable so that you don't have to run `php bin/cake` |
# |
Apr 12th 2021, 09:55 |
me1367 |
`chmod +x bin/cake.php` |
# |
Apr 12th 2021, 02:48 |
hmic |
@noel |
# |
Apr 12th 2021, 02:48 |
hmic |
try "php bin/cake.php" |
# |
Apr 12th 2021, 00:00 |
noel |
yes: zsh: permission denied |
# |
Apr 11th 2021, 23:31 |
khalil |
No I get request has been blackholed |
# |
Apr 11th 2021, 23:26 |
kevin.pfeifer |
does `bin/cake.php` show something? |
# |
Apr 11th 2021, 23:02 |
noel |
I’m getting no terminal output nor errors when I run `bin/cake` and nothing in the CLI logs. Any ideas? |
# |
Apr 11th 2021, 17:00 |
noel |
@admad it’s not stateless no. It’s a stateful REST, so we can handle things like permissions by knowing who the session user is. |
# |
Apr 11th 2021, 16:56 |
cnizzardini |
Store JWT in session and pass JWT to API. CakePHP supports this. |
# |
Apr 11th 2021, 16:46 |
cnizzardini |
Should consider JWT, but I replied to the original message. Set request accepts header. |
# |
Apr 11th 2021, 16:36 |
admad |
There are stateless authenticators :) |
# |
Apr 11th 2021, 16:32 |
kevin.pfeifer |
i guess his api has some endpoints which require authentication |
# |
Apr 11th 2021, 16:27 |
admad |
And why does your API need sessions? It's not stateless REST? |
# |
Apr 11th 2021, 16:24 |
cnizzardini |
@noel |
# |
Apr 11th 2021, 16:23 |
cnizzardini |
e.g. ```curl -X 'GET' \ 'https://cakephpswaggerbake.cnizz.com/actors' \ -H 'accept: application/json'``` |
# |
Apr 11th 2021, 16:21 |
cnizzardini |
```-H 'accept: application/json'``` |
# |
Apr 11th 2021, 16:07 |
cnizzardini |
What is the specific problem/error though and someone might be able to better assist based off of that. |
# |
Apr 11th 2021, 16:06 |
cnizzardini |
I've done this (sorta), but I didn't have my API handling cookies since it was stateless. Cookies were handled in the Client which was SlimPHP + VueJS and then the API was an entirely separate CakePHP application. |
# |
Apr 11th 2021, 16:03 |
noel |
No. It’s working on another dev’s machine but not on mine. Can’t for the life of me figure out why. |
# |
Apr 11th 2021, 15:50 |
ndm |
Do you have any reason for doubting that VueJS would work with cookies out of the box? |
# |
Apr 11th 2021, 15:42 |
noel |
Has anyone here used VueJS as a front-end with Cake delivering an API on the back-end? If so how to get VueJS working with PHP Sessions? |
# |
Apr 11th 2021, 15:06 |
kevin.pfeifer |
or is there something specific in the log/error.log? |
# |
Apr 11th 2021, 15:03 |
kevin.pfeifer |
Do you actually get the error `Missing or invalid CSRF cookie.` or something else? |
# |
Apr 11th 2021, 14:47 |
khalil |
Any way to do that in cake? |
# |
Apr 11th 2021, 14:47 |
slackebot |
page, this will prevent the blackhole thing |
# |
Apr 11th 2021, 14:47 |
khalil |
Hello everyone! I have a question that I can't find any answer to anywhere, say I have a form on page, and I have this page open, if I keep it open and inactive for an hour or so, and then I try to log in, I get blackholed, I'm guessing this is due to the CSRF expiry? if that's the case, any way I can refresh this token manually? I can have a javascript function that calls a refresh token url and replace the old one on the |
# |
Apr 11th 2021, 14:08 |
kevin.pfeifer |
or you change to e.g. a JWT based authentication system |
# |
Apr 11th 2021, 14:07 |
kevin.pfeifer |
well if your GET requests don't have that cookie in there than thats the culprit |
# |
Apr 11th 2021, 14:05 |
noel |
hmm.. no, changing that setting didn’t affect it. |
# |
Apr 11th 2021, 14:04 |
noel |
I mean there is that – I’m using axios and that has a config setting for `withCredentials`. I enable it on some and disable it on other requests. I’ll play with that and see. tx |
# |
Apr 11th 2021, 14:03 |
kevin.pfeifer |
right :thinking_face: |
# |
Apr 11th 2021, 14:03 |
noel |
but then it shouldn’t work on any dev’s machines |
# |
Apr 11th 2021, 14:02 |
kevin.pfeifer |
could it be that you have to allow specific cookies in your frontend JS framework? |
# |
Apr 11th 2021, 14:01 |
noel |
Isn’t that cookie meant to be handled by the browser automagically though? It’s not something I’m used to being able to toggle. |
# |
Apr 11th 2021, 14:00 |
noel |
I can see that it is definitely not sending the PHPSESSID cookie on the GET request to check login, although it is receiving it on the login POST request when it logs in. |
# |
Apr 11th 2021, 13:57 |
noel |
I get the same problem across multiple browsers. |
# |
Apr 11th 2021, 13:57 |
noel |
probably but I can’t think of anything |