Login/Register
Phil Sturgeon's REST server, Codeigniter3, error messages no return on PUT
Asked Answered
phpcodeigniterrestcodeigniter-restserver
O

2

6

I am using Phil Sturgeon's REST server, CI3 and POSTMAN for debugging. I send a PUT with below info, however, I am not receiving the error messages expected.

Here is my form_validation.php:

<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

$config = array(
  'student_put' => array(
    array('field' => 'email_address', 'label' => 'email_address', 'rules' => 'trim|required|valid_email'),
    array('field' => 'password', 'label' => 'password', 'rules' => 'trim|required|min_length[8]|max_length[16]'),
    array('field' => 'first_name', 'label' => 'first_name', 'rules' => 'trim|required|max_length[50]'),
    array('field' => 'last_name', 'label' => 'last_name', 'rules' => 'trim|required|max_length[50]'),
    array('field' => 'phone_number', 'label' => 'phone_number', 'rules' => 'trim|required|alpha_dash'),
  )
);

?>

Here is my method in my controller Api.php:

function student_put(){
    $this->form_validation->set_data($this->put());
    // these are the rules set in config/form_validation.php
    if ($this->form_validation->run('student_put') != FALSE) {
        die('good data');
    } else { 
        $this->response( 
            array(
                'status'=> 'failure', 
                'message'=> $this->form_validation->get_errors_as_array(),
                ), 
            REST_Controller::HTTP_BAD_REQUEST  
        );
    }
}

This is in my libraries folder as MY_Form_validation.php:

<?php

class MY_Form_validation extends CI_Form_validation {

  function __construct($rules = array()) {
      parent::__construct($rules);
      $this->ci =& get_instance();
  }

  public function get_errors_as_array() {
      return $this->_error_array;
  }

  public function get_config_rules() {
      return $this->_config_rules;
  }

  public function get_field_names($form) {
      $field_names = array();
      $rules = $this->get_config_rules();
      $rules = $rules[$form];
      foreach ($rules as $index=> $info) {
          $field_names[] = $info['field'];
      }
      return $field_names;
  }
}

When I put following in POSTMAN:

X-API-KEY          123456
first_name         test
email_address      abc

This is the result I get:

{
  "status": "failure",
  "message": []
}

But I should be getting the validation errors.

As debugging steps, I have confirmed: - no auth errors - the form_validation.php is being read - if I change: 

'message'=> $this->form_validation->get_errors_as_array(),

to 

'message'=> 'test',

the postman returns:

{
"status": "failure",
"message": "test"
}

Any help very much appreciated.

Oology answered 17/4, 2016 at 1:4 Comment(10)
what the setting in application/config/rest.php?Gloss
Which setting in particular are you referring to. I guess I should avoid posting the enter file as very long.Oology
What is the setting of $config['rest_auth'] and $config['rest_enable_keys'] ?Gloss
I am running above with KEYS from keys table. $config['rest_auth'] = FALSE;$config['rest_enable_keys'] = TRUE;$config['rest_key_column'] = 'key'; When I run the PUT without X-API-KEY I get a 403 error as expected. When I insert the correct X-API-KEY I get 200.Oology
Just found out that I may not be getting the data submitted by PUT. I use POSTMAN and made one KEY / VALUE pair first_name and 'Richard'. I assume I can catch the date like this: $data = array('email_address' => $this->put('email_address')); ... or ... echo like this: print_r($this->put('email_address')); Unfortunately, nothing is captured or displayed. Any help appreciated.Oology
@Gloss and anyone: Cannot get data from put even with this: function student_put(){ $data = array('returned: '. $this->put('last_name')); $this->response($data); } In POSTMAN, I made a key pair last_name and value MREXAMPLE. The out put is: [ "returned: " ]Oology
ok, seems like I am not the only one who has this problem. github.com/chriskacerguis/codeigniter-restserver/issues/641Oology
it can be because your setting, $config['rest_auth'] = FALSE; $config['rest_enable_keys'] = TRUE; $config['rest_key_column'] = 'key'; if you $config['rest_enable_keys'] = TRUE; at least $config['rest_auth'] = 'basic' or $config['rest_auth'] = 'digest';Gloss
@Gloss thanks for that reply. I get a 200 notice though. When I change the key I get 403 as expected. Would I still receive 200? Will try this evening and let you know.Oology
@Gloss Thanks for above but I am not sure if the guidance you have provided is correct. I have changed to 'basis' and now I receive the error { "status": false, "error": "Unauthorized" }. Are you sure that with KEYS it is also required to use $config['rest_auth'] set to basic etc? I am not having any problems at all when I use get without $config['rest_auth'] set. For example; localhost:8000/Api/student/1Oology
G
3

you must read this link,

http://code.tutsplus.com/tutorials/working-with-restful-services-in-codeigniter-2--net-8814

if you use apikey, you must set 

    $config['rest_auth'] = 'basic'
    $config['rest_enable_keys'] = TRUE;

also make a table in database for storing api key 

CREATE TABLE `keys` (
    `id` INT(11) NOT NULL AUTO_INCREMENT,
    `user_id` INT(11) NOT NULL,
    `key` VARCHAR(40) NOT NULL,
    `level` INT(2) NOT NULL,
    `ignore_limits` TINYINT(1) NOT NULL DEFAULT '0',
    `is_private_key` TINYINT(1)  NOT NULL DEFAULT '0',
    `ip_addresses` TEXT NULL DEFAULT NULL,
    `date_created` INT(11) NOT NULL,
    PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

insert into that database minimum 1 row, the important column only key, it is the apikey

the apikey must contains 40 digits alphanumeric for security reasons

and again, you must read documentation, and the rest.php in application/config

    $config['rest_valid_logins'] = ['admin' => '1234'];

that login is set by default, so you must insert that login in your header of client request, etc

    http_user           'admin'
    http_pass           '1234'
    X-API-KEY           '123456'
    first_name          test
    email_address       abc

if that header not work, try this

    http_user           'admin'
    http_pass           '1234'
    api_name            'X-API-KEY'
    api_key             '123456'
    first_name          test
    email_address       abc

if you have try request like this before with your

    $config['rest_auth'] = FALSE

actually you not yet securing your api webservice

Gloss answered 21/4, 2016 at 1:50 Comment(7)
Maybe you did not see my last comment? I have no authentication errors. I am able to obtain data from my db using only keys using GET + localhost:8000/Api/student/1 (If I change the key, I do get 403 error. With correct one I get 200). The problem I am having is with PUT (not authentication). Response received: {"status": "failure", "message": []} FYI, yes, am using a keys tables, etc. FYI, rest.php states MAX 40 chars for key. It can be less, in my case, 6 chars. In config, there is a setting, Allow Authentication and API Keys mean FALSE for just Keys and TRUE for both.Oology
Do you mean in order to use PUT, I must use KEYS and, at minimum, BASIS auth?Oology
Here is an identifical copy of the code I am using: github.com/alexmarton/RControl Just download and replace files in a fresh copy of codeigniter. The code is from a tutorial.Oology
you must use authentication in all type of activities get, post, put, delete, and because of it, this technique of webservice called REST (Representational state transfer)Gloss
I use GET will only KEYS and it works fine. Please show me where in the documentation that authentication is required (eg other than just keys).Oology
you must read the rest.php in application/config, there are some comments you must read wellGloss
thanks but can you highlight what? Obviously have gone through the config. As stated I am able to use just KEYS and it works. Do you know otherwise?Oology
O
0

I was placing the PUT variables in the Headers tab within POSTman.

Only the X-API-KEY belongs in the request header. The rest of the data (e.g. email_address, first_name, etc) should be passed in the request body (e.g. from within the Body tab of POSTman).

All works correctly now.

Oology answered 28/4, 2016 at 3:38 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.