API Espo-Authorization

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • thetoad01
    Junior Member
    • Apr 2017
    • 11

    API Espo-Authorization

    I've been stuck for a week on the api call for the "Espo-Authorization"

    When I run some tests pages that are on a server with the same IP address as a test EspoCRM instance I can call to the App/user and get WAY more data than is listed in the api documentation.

    I then moved the application/module to another server and cannot get the App/user call to work at all. Constantly getting a 401 cross-domain error.

    Has anyone else run into this issue? Is there better documentation on using the authentication api anywhere?
  • thetoad01
    Junior Member
    • Apr 2017
    • 11

    #2
    Here is the new code that I'm trying (using php instead of jquery). I get a response from the server for some reason I cannot seem to get any data.

    $url = 'http://ServerIpAddress/~espocrm/espo/api/v1/User/unique_user_id';

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    $output = curl_exec($ch);
    if($output === false) {
    $info = curl_getinfo($ch);
    curl_close($ch);
    die('error occured during curl exec. Additioanl info: ' . var_export($info));
    }
    curl_close($ch);

    var_dump($output);

    Comment

    • tanya
      Senior Member
      • Jun 2014
      • 4308

      #3
      http://forum.espocrm.com/forum/devel...empty-response the you can find the file with authorization as well
      For now Espo is using basic authorization

      Comment

      • thetoad01
        Junior Member
        • Apr 2017
        • 11

        #4
        Thanks for the note. I was hoping to be able to pick up the token to authenticate across apps.

        I'll attempt to write a JWT app to serve the authentication (unless someone has already written one).

        --------------------------------------------
        I was able to get the authentication work. Not sure if this is the cleanest code but it works.

        if(isset($_POST['login'])) {
        $userName = secure($_POST['username']);
        $password = secure($_POST['password']);

        $url = 'https://DOMAIN/espo/api/v1/App/user';

        $ch = curl_init($url);
        curl_setopt($ch, CURLOPT_HEADER, 0);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($ch, CURLOPT_USERPWD, $userName . ':' . $password);
        curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
        $output = curl_exec($ch);
        if($output === false) {
        $info = curl_getinfo($ch);
        curl_close($ch);
        die('error occured during curl exec. Additioanl info: ' . var_export($info));
        }
        curl_close($ch);

        if($output == "") {
        header("Location:index.php?message=error");
        exit;
        } else {
        $data = json_decode($output, true);
        $_SESSION['user_id'] = $data['user']['id'];
        $_SESSION['first_name'] = $data['user']['firstName'];
        $_SESSION['last_name'] = $data['user']['lastName'];
        header("Location:dashboard.php");
        exit;
        }
        } else {
        header("Location:index.php?message=unauthorized");
        exit;
        }
        Last edited by thetoad01; 04-25-2017, 08:48 PM.

        Comment


        • marcbeinder
          marcbeinder commented
          Editing a comment
          I just tried this script but it doesn't appear to be working. Has there been a substantial change in authentication since this script was written? Is there an updated one?
      Working...