Can't connect via API

Issue #410 new
Ignacio Feijoo created an issue

I have a user "api" and can login via web form, but can't login via api.

Script:

curl -i -H "Accept: application/json" \
    -H "ZURMO_AUTH_USERNAME: api" \
    -H "ZURMO_AUTH_PASSWORD: *********" \
    -H "ZURMO_API_REQUEST_TYPE: REST" \
    -XPOST 'http://crm.dreamserver.com.ar/app/index.php/zurmo/api/login' ; echo

Result:

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2016 20:09:26 GMT
Server: Apache/2.2.22 (Debian)
X-Powered-By: PHP/5.4.45-0+deb7u5
Set-Cookie: PHPSESSID=u85blp821pp80fsattv8rv1t86; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 76
Content-Type: text/html

{"status":"FAILURE","data":null,"message":"Sign in required.","errors":null}

My test is with _ and - in the headers.

Comments (9)

  1. Ignacio Feijoo reporter

    is the same with this php script:

    <?php
    class ApiRestHelper
    {
        public static function createApiCall($url, $method, $headers, $data = array())
        {
            if ($method == 'PUT')
            {
                $headers[] = 'X-HTTP-Method-Override: PUT';
            }
    
            $handle = curl_init();
            curl_setopt($handle, CURLOPT_URL, $url);
            curl_setopt($handle, CURLOPT_HTTPHEADER, $headers);
            curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);
            curl_setopt($handle, CURLOPT_SSL_VERIFYHOST, false);
            curl_setopt($handle, CURLOPT_SSL_VERIFYPEER, false);
    
            switch($method)
            {
                case 'GET':
                    break;
                case 'POST':
                    curl_setopt($handle, CURLOPT_POST, true);
                    curl_setopt($handle, CURLOPT_POSTFIELDS, http_build_query($data));
                    break;
                case 'PUT':
                    curl_setopt($handle, CURLOPT_CUSTOMREQUEST, 'PUT');
                    curl_setopt($handle, CURLOPT_POSTFIELDS, http_build_query($data));
                    break;
                case 'DELETE':
                    curl_setopt($handle, CURLOPT_CUSTOMREQUEST, 'DELETE');
                    break;
            }
            $response = curl_exec($handle);
            return $response;
        }
    }
    
    
    function login($username, $password){
        $headers = array(
            'Accept: application/json',
            'ZURMO-AUTH-USERNAME: ' . $username,
            'ZURMO-AUTH-PASSWORD: ' . $password,
            'ZURMO-API-REQUEST-TYPE: REST',
        );
        print_r($headers);
        $response = ApiRestHelper::createApiCall('http://crm.dreamserver.com.ar/app/index.php/zurmo/api/login', 'POST', $headers);
        $response = json_decode($response, true);
        print_r($response);
        if ($response['status'] == 'SUCCESS')
        {
            return $response['data'];
        }
        else
        {
            return false;
        }
    }
    
    $data = login("admin","****"); # admin is the admin user, not found with api user
    print_r($data);
    ?>
    
  2. Ignacio Feijoo reporter

    Is a new install, i only create user "api" and nathing more. Yes, "api" has api access.

  3. Ignacio Feijoo reporter
    localhost:~ # bash /tmp/api.sh 
    HTTP/1.1 200 OK
    Date: Thu, 06 Oct 2016 12:17:08 GMT
    Server: Apache/2.2.15 (CentOS)
    X-Powered-By: PHP/5.4.11
    Set-Cookie: PHPSESSID=bej10pl7po7p1h2e4lc2097jj0; path=/
    Expires: Thu, 19 Nov 1981 08:52:00 GMT
    Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
    Pragma: no-cache
    Set-Cookie: PHPSESSID=uhqdr5qp7vq0qlobi7ij16oe00; path=/
    Content-Length: 142
    Connection: close
    Content-Type: text/html; charset=UTF-8
    
    {"status":"SUCCESS","data":{"sessionId":"uhqdr5qp7vq0qlobi7ij16oe00","token":"00dcd3c1139159c85ad37ee802611922"},"message":null,"errors":null}
    localhost:~ # cat /tmp/api.sh 
    curl -i -H "Accept: application/json" \
        -H "ZURMO_AUTH_USERNAME: super" \
        -H "ZURMO_AUTH_PASSWORD: super" \
        -H "ZURMO_API_REQUEST_TYPE: REST" \
        -XPOST 'http://demo.zurmo.com/demos/stable/app/index.php/zurmo/api/login' ; echo
    
  4. Gabriel Shahzad

    So you're able to connect to the demo. Then I'd wager something is wrongly configured on your server.

  5. Josef Florian Glatz

    Hi, we also had the problem after migrating Zurmo to new Server. When you use Apache 2.4 you must change the underscores _ to dashes -

    ZURMO-API-REQUEST-TYPE
    ZURMO-AUTH-USERNAME
    ZURMO-AUTH-PASSWORD
    
  6. Gabriel Shahzad

    Great to see you were able to manage to fix this, but which underscores were you talking about?

  7. Log in to comment