Normal
To answer your points on the code:First - - The API is a JQuery Request, and in the code, above I was using Digest PHP Authentication, which I realize now is not easy to implement since you have to return a response, then reply again to gain access. So I am going to use basic authentication so now my code is the following:[CODE]<?php $realm = 'API'; $admins = array('REDACTEDUSER' => 'REDACTEDPASS', 'USER2' => 'PASS2'); if (empty($_SERVER['PHP_AUTH_USER'])) { header('HTTP/1.1 401 Unauthorized'); header('WWW-Authenticate: Basic realm="'.$realm.'"'); print "Sorry, you are not authorized to access this area"; exit; } // Check Login Credentials if (!isset($admins[$_SERVER['PHP_AUTH_USER']])) { header('HTTP/1.1 401 Unauthorized'); header('WWW-Authenticate: Basic realm="'.$realm.'"'); print "Sorry, you are not authorized to access this area"; exit; } if($admins[$_SERVER['PHP_AUTH_USER']] != $_SERVER['PHP_AUTH_PW']){ header('HTTP/1.1 401 Unauthorized'); header('WWW-Authenticate: Basic realm="'.$realm.'"'); print "Sorry, you are not authorized to access this area"; exit; }?>[/CODE]This works and prints the message if it fails to authenticate.[ATTACH=full]11741[/ATTACH]In response to the second and third suggestion - - I will update all returns so it will have the following consistency:[Array]"data" --> Returned Array/Data"message" --> Returned ResponseI will set "data" to be blank if it fails, with the message being unable to authorize, or whatever the issue is.I will look into those API elements, but I would honestly rather re-invent the wheel for this project. Let me explain why -By utilizing these services, I will not have as good of an understanding of how the base level works. With me creating my own Api and handling everything from authentication, to organization, to even routing, I am going to take a lot more away from this. In the future I will be able to use these services, to make programming these apis faster and not having to do it all myself again. The take-away will be more valuable the first time around, in my opinion.[automerge]1607819198[/automerge]Update -I can get data from the page using PostMan but I am unable to return data using Ajax.Could someone tell me what I am doing wrong here:[CODE]var username = 'User';var password = 'Pass';var url = 'http://localhost/app/api/api.php?type=GET&action=phone_exists&phone=5555555555'var postData = {"type" : 'GET',"action" : 'phone_exists',"phone" : input.value,};$.ajax({url: url,type: 'GET',dataType: 'json',data: postData,contentType: 'application/json',beforeSend: function(xhr) {xhr.setRequestHeader("Authorization", "Basic "+btoa(username+':'+password));},success: function(json){alert(json);},error: function(xhr, status, error) {var err = eval("(" + xhr.responseText + ")");alert(err.Message);return true;}});[/CODE][ATTACH=full]11743[/ATTACH]
To answer your points on the code:
First -
- The API is a JQuery Request, and in the code, above I was using Digest PHP Authentication, which I realize now is not easy to implement since you have to return a response, then reply again to gain access. So I am going to use basic authentication so now my code is the following:
[CODE]<?php
$realm = 'API';
$admins = array('REDACTEDUSER' => 'REDACTEDPASS', 'USER2' => 'PASS2');
if (empty($_SERVER['PHP_AUTH_USER'])) {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="'.$realm.'"');
print "Sorry, you are not authorized to access this area";
exit;
}
// Check Login Credentials
if (!isset($admins[$_SERVER['PHP_AUTH_USER']]))
{
if($admins[$_SERVER['PHP_AUTH_USER']] != $_SERVER['PHP_AUTH_PW']){
?>[/CODE]
This works and prints the message if it fails to authenticate.
[ATTACH=full]11741[/ATTACH]
In response to the second and third suggestion -
- I will update all returns so it will have the following consistency:
[Array]
"data" --> Returned Array/Data
"message" --> Returned Response
I will set "data" to be blank if it fails, with the message being unable to authorize, or whatever the issue is.
I will look into those API elements, but I would honestly rather re-invent the wheel for this project. Let me explain why -
By utilizing these services, I will not have as good of an understanding of how the base level works. With me creating my own Api and handling everything from authentication, to organization, to even routing, I am going to take a lot more away from this. In the future I will be able to use these services, to make programming these apis faster and not having to do it all myself again. The take-away will be more valuable the first time around, in my opinion.
[automerge]1607819198[/automerge]
Update -
I can get data from the page using PostMan but I am unable to return data using Ajax.
Could someone tell me what I am doing wrong here:
[CODE]var username = 'User';
var password = 'Pass';
var url = 'http://localhost/app/api/api.php?type=GET&action=phone_exists&phone=5555555555'
var postData = {
"type" : 'GET',
"action" : 'phone_exists',
"phone" : input.value,
};
$.ajax({
url: url,
type: 'GET',
dataType: 'json',
data: postData,
contentType: 'application/json',
beforeSend: function(xhr) {
xhr.setRequestHeader("Authorization", "Basic "+btoa(username+':'+password));
},
success: function(json){
alert(json);
error: function(xhr, status, error) {
var err = eval("(" + xhr.responseText + ")");
alert(err.Message);
return true;
});[/CODE]
[ATTACH=full]11743[/ATTACH]