Invision Community 4: SEO, prepare for v5 and dormant account notifications By Matt Monday at 02:04 PM
maxkunes Posted July 12, 2017 Posted July 12, 2017 Some background: PHP is running as an apache-2 module not CGI URL Rewrite rule is currently off (will change in the future) I have tried the following: http://www.mywebsite.net/api/index.php?/core/hello&key=APIKEYHERE http://www.mywebsite.net/api/index.php?/core/hello?key=APIKEYHEREhttp://www.mywebsite.net/api/index.php?/core/hello&key={APIKEYHERE}http://www.mywebsite.net/api/index.php?/core/hello?key={APIKEYHERE}http://www.mywebsite.net/api/core/hello?key=APIKEYHEREhttp://www.mywebsite.net/api/core/hello&key=APIKEYHEREhttp://www.mywebsite.net/api/core/hello?key={APIKEYHERE}http://www.mywebsite.net/api/core/hello&key={APIKEYHERE} All of them have given me a NO_API_KEY error. What am I doing wrong here been at this for a couple hours can't figure it out. Also forgot to mention but when I check the API logs I don't see any entries at all? Thanks
Daniel F Posted July 12, 2017 Posted July 12, 2017 Take a look at our documentation;) Quote Authorization If supported by your server, the recommend method for authorization is via HTTP Basic Auth. Send the API key you created earlier as the username, and no password. If your server does not support this because PHP is running as a CGI binary, you will see a message in the AdminCP to indicate this. To authenticate, you should send an additional "key" parameter (in the query string for a GET request or along with the other parameters for a POST or PUT request) with the API key you created earlier. For example: You can test it with the sample code from our article. btw, I have also edited your first post to remove the URL ( you've changed the linktext, but your URL and the key were still visible in the sourcecode.
maxkunes Posted July 12, 2017 Author Posted July 12, 2017 3 minutes ago, Daniel F said: Take a look at our documentation;) You can test it with the sample code from our article. btw, I have also edited your first post to remove the URL ( you've changed the linktext, but your URL and the key were still visible in the sourcecode. Completely forgot about the hyper links xD However if that's the case (the support section you linked) then why didn't this work: http://www.mywebsite.net/api/index.php?/core/hello&key=APIKEYHERE
Daniel F Posted July 12, 2017 Posted July 12, 2017 The key parameter is only used with PHP running CGI mode. /* Work out API key */ $rawApiKey = NULL; if ( \IPS\Request::i()->isCgi() and isset( \IPS\Request::i()->key ) ) { $rawApiKey = \IPS\Request::i()->key; } else { if ( isset( $_SERVER['PHP_AUTH_USER'] ) ) { $rawApiKey = $_SERVER['PHP_AUTH_USER']; } else { foreach ( $_SERVER as $k => $v ) { if ( mb_substr( $k, -18 ) == 'HTTP_AUTHORIZATION' ) { $exploded = explode( ':', base64_decode( mb_substr( $v, 6 ) ) ); if ( isset( $exploded[0] ) ) { $rawApiKey = $exploded[0]; } } } } }
maxkunes Posted July 12, 2017 Author Posted July 12, 2017 11 minutes ago, Daniel F said: The key parameter is only used with PHP running CGI mode. /* Work out API key */ $rawApiKey = NULL; if ( \IPS\Request::i()->isCgi() and isset( \IPS\Request::i()->key ) ) { $rawApiKey = \IPS\Request::i()->key; } else { if ( isset( $_SERVER['PHP_AUTH_USER'] ) ) { $rawApiKey = $_SERVER['PHP_AUTH_USER']; } else { foreach ( $_SERVER as $k => $v ) { if ( mb_substr( $k, -18 ) == 'HTTP_AUTHORIZATION' ) { $exploded = explode( ':', base64_decode( mb_substr( $v, 6 ) ) ); if ( isset( $exploded[0] ) ) { $rawApiKey = $exploded[0]; } } } } } Thanks I don't know how I managed to misread that in the docs. Got it working in curl
Recommended Posts
Archived
This topic is now archived and is closed to further replies.