I am new to API. I want to know how to use API for Username/Password to my joomla website login page.
Depending upon login and password i want to access the third party portal. I downloaded com_api . I dont know how to use it.
Please help me to solve this issue.
I want to use below id/code to my joomla website.
Headers :
Content-Type : application/json
Authorization : Basic *************************
Body :
{
"refreshToken":"************",
"userName":"*************",
"password":"**********"
}
Thanks a lot...
Regards,
Mahalakshmi
You will need to create a plugin that will implement the event onUserAuthenticate event. In your code, you will check match the username and the password against your 3rd party user database (api) and you will proceed accordingly.
Essentially, the plugin must be an authentication plugin, so take a look at how the plugins\authentication\gmail plugin is written.
No need to use com_api (at least for what you want to do).
Related
I have made an api in laravel with socialite and github and I need to log out so that the application asks me with which github account I want to log in every time.
What you are asking is how to logout from your registered user (which used Github) and destroy the oAuth session of github?
Maybe have a look at this:
laravel socialite logout issue
OK.
If you are using socialite, do check the documentation of each provider you use. Probably you should make a GET or a POST request to their service in order to log out the user.
For example, Globus.org uses this link (documentation link) in order for you to log out your users:
GET https://auth.globus.org/v2/web/logout
Clicking it will log out your user from your service.
Do note that most provider might use similar techniques.
Use POSTMAN to make such requests and experiment (especially when you are trying to register users, making calls with POSTMAN might seem helpful)
Then you are faced with the following issue:
What type of data did you store on you database? (the next bullet might help you understand what I mean)
Did you store in some way, the provider name the user used to login to your system?
If so, each provider might use a different way to log out / register a user from your Laravel project.
I just installed Directus, but I have to create the HTML interface, and I can't extract the data via the API. How can I use the static API? That is, with some kind of static token (the front will do it with PHP).
I have the Directus suite (APP + API https://github.com/directus/directus) installed and the HTML will be hosted on the same server.
Directus has built-in static tokens that can be assigned to any Directus User, and inherits that user's permissions. You can set this static token in directus_users.token (plaintext), and then use it to authenticate to the API. This is less secure than the other auth methods, but that depends on how you use it.
https://docs.directus.io/api/reference.html#tokens
The other option would be to set the data you need to "public". Obviously that only works if that data is public (READ)... but that is the case for many websites.
Thanks RANGER, I have the following installation:
URL:
https://cms.domain.com/public/ (APP + API Directus)
I have reviewed the column of the table you comment, and there is indeed a token already established:
BGJFwQ1KlHnH91V2oIwMbOsG
$contents = file_get_contents('https://cms.domain.com/public/_/collections/categories?access_token=BGJFwQ1KlHnH91V2oIwMbOsG');
var_dump($contents);
But it does not work, I have read the documentation more than 10 times and I have been with the subject for days, I wanted to solve it myself, but I cannot find the error using file_get_contents () or curl in PHP to call the API.
The Directus ADMIN is in:
https://cms.domain.com/public/admin/#/
I have taken the token from the ADMIN user, and therefore I understand that you have all the permissions to use the API. In the example, I wanted to list the "categories" (collection), which have 3 records.
Solved: curl https://cms.domain.com/public/name-of-project/collections?access_token=BGJFwQ1KlHnH91V2oIwMb34343G
Solved: I should use the **project name instead of "_" (default project).**
I am sorry that it is such a basic mistake, but I have come across several people with this problem.
I have implemented a login form manually in Twig and I am using the default authentication provided by Symfony 3.4 (based on username and password). Users are stored in a database, therefore I have an Entity which extends AdvancedUserInterface. I am using neither FOSUserBundle nor form builder. Just a simple form. It actually works.
The problem is that I want to integrate Google reCAPTCHA in the login process. I know how to check if the captcha is valid and implemented a custom AuthenticationListener (let's call it MyAuthenticationListener).
I know that Symfony uses UsernamePasswordFormAuthenticationListener as its default listener. The problem is that I could not find a way to change the used listener to that I have implemented.
It seems that in Symfony2 it was as easy as adding the following line in the config.yml:
parameters:
security.authentication.listener.form.class:
MyBundle\EventListener\MyAuthenticationListener
However, I cannot find a way for Symfony3. Any suggestions?
I also tried to find a specific bundle for Symfony3, but I actually could not find anything that is correctly integrated with Symfony Security, allowing me to use the recaptcha in a login form.
Thank you
Your question may be answered here:
https://stackoverflow.com/a/50800993/7408561
The solution is based on a custom-listener triggered by SecurityEvents::INTERACTIVE_LOGIN. That event is fired after verification of credentials but before redirecting to default_target_path defined in security.yml. At this position you can verify the request parameter g-recaptcha-response by calling the google recaptcha api with the corresponding secret.
If the verification fails you can throw an exception and you will be redirected to the login page.
I have a OData Server which returns me a json.
When I accessing the URL through a browser i need to input the username/password.
Doesn't accept the entries which I do in the pop-up. Need to cancel it and then it shows me a dialog box after which i can see the required json.
I am not able to figure out the kind of authentication in use.
Using basic authentication in Postman client is not working.
Any suggestions as to how do I go about using this URL both in postman and inside an Anuglar JS or Node JS program.
You can install interceptor in postman. Go to cookies tab next to body and install the interceptor then turn it on.After installing interceptor you can login with your user/pass and then send your request.
See this picture.enter image description here
Thanks for the input.
But I got access to the code implementation which is accessing the URI which I want.
So There is a Sharepoint/C# application in the universe which is doing a Forms based authentication to get the data required. :/
Will try to reverse engineer that get it working in my Node App.
Cheers. :)
I want to intergrate alfresco with web application. i.e i have created a login page for my application.Now i want to use the same username and password to login to alfresco so that i dont have to login again using alfresco login page. Can anyone help me out in this?
Thanks and regards,
than1234
Please refer to login in http://wiki.alfresco.com/wiki/Repository_RESTful_API_Reference
Also look for SSO (Single-Sign On)... it would not only avoid your users to re-login to Alfresco, but to other applications. There is information in the manual, the wiki.alfresco.com site, and just by Googling. There are multiple ways to doing it, and choosing will depend on the protocols that you are using. Happy SSO'ing!
Look at this: http://wiki.alfresco.com/wiki/Repository_RESTful_API_Reference#Login
When you make a HTTP GET request to "/alfresco/service/api/login?u={username}&pw={password?}" you get alf_ticket back which you then use in following request instead of loging in each time.
You just append "&alf_ticket=YOUR_TICKET" in your requests... :)