serweb-labs / bolt-rest-api Goto Github PK

View Code? Open in Web Editor NEW

14.0 1.0 7.0 89 KB

Rest Api for Bolt 3

PHP 100.00%

bolt-rest-api's Introduction

Rest Api for Bolt

The backend for your applications.

Use Rest with JWT (json web token)
Create, update, index and retrieve content in json
Follow the "json api" specification
Extensible (soon documentation!)

Use

Login with JWT.

curl -X POST -H "https://example.com/auth/login?username=myuser&password=mypass"

Get the TOKEN.

the token is returned in the login response, in the X-Access-Token Header

X-Access-Token →Bearer eyJ0eXAiOiJKV165QiLCJh6G75d7iJIUzI1NiJ9.eyJpYXQiOjE0N57jQ1NMDgsImV4cCI6MTQ2NDU1ODE0NCwiZGF0YSI6eyJpZCI6InhuZXQifX0.dm7XqR91-Wl6zC9jupVVcu4khQz_LOq0cYf56BXHTIw

Get list a contents : USE GET REQUEST

curl -X GET -H "Accept: application/json" -H "Authorization: Bearer here.myauth.token" -H "https://example.com/api/pages"

"filter" param

refine your result, use "||" ">" or "<"

curl -X GET -H "Accept: application/json" -H "Authorization: Bearer here.myauth.token" -H "https://example.com/api/pages?&filter[brand]=foo&filter[model]=bar&filter[status]=draft"
curl -X GET -H "Accept: application/json" -H "Authorization: Bearer here.myauth.token" -H "https://example.com/api/pages?&filter[brand]=car&filter[brand]=bmw || fiat"
curl -X GET -H "Accept: application/json" -H "Authorization: Bearer here.myauth.token" -H "https://example.com/api/pages?&filter[brand]=car&filter[id]=>100"

"deep" filter

when deep is enabled, the relationships be treated as one more field of content, useful if for example I want to search for content by the username, working with "filter" param.

curl -X GET -H "Accept: application/json" -H "Authorization: Bearer here.myauth.token" -H "https://example.com/api/pages?filter[contain]=john&filter[deep]=true"

"related" filter

refine your result according the related content

curl -X GET -H "Accept: application/json" -H "Authorization: Bearer here.myauth.token" -H "https://example.com/api/pages&related=clients:5,10"

"unrelated" filter

exclude from the results content that is related to certain content type

curl -X GET -H "Accept: application/json" -H "Authorization: Bearer here.myauth.token" -H "https://example.com/api/review?filter[unrelated]=report:1"

"fields" param

limit the format of the result to the fields in the parameter

curl -X GET -H "Accept: application/json" -H "Authorization: Bearer here.myauth.token" -H "https://example.com/api/review?fields=title,details"

"page" param

paginate the results according this param, or return specific page

curl -X GET -H "Accept: application/json" -H "Authorization: Bearer here.myauth.token" -H "https://example.com/api/review?page[size]=10&page[num]=2"

"order" param

order the result by field or metedata, use "-" prefix with invert the natural order

curl -X GET -H "Accept: application/json" -H "Authorization: Bearer here.myauth.token" -H "https://example.com/api/review?order=status"
curl -X GET -H "Accept: application/json" -H "Authorization: Bearer here.myauth.token" -H "https://example.com/api/review?order=title"
curl -X GET -H "Accept: application/json" -H "Authorization: Bearer here.myauth.token" -H "https://example.com/api/review?order=-title"

Use the response headers as pagination helpers

'X-Total-Count' // total 
'X-Pagination-Page' // actual page
'X-Pagination-Limit' // limit by page

Retrieve one content: USE GET REQUEST

curl -X GET -H "Accept: application/json" -H "Authorization: Bearer here.myauth.token" -H "https://example.com/api/pages/1"

Create content: USE POST REQUEST and send the data in the body

curl -X POST -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Bearer here.myauth.token" -H "https://example.com/api/pages/1"

Update content: USE PATCH REQUEST and send the data in the body

curl -X PATCH -H "Accept: application/json" -H "Content-Type: application/merge-patch+json" -H "Authorization: Bearer here.myauth.token" -H "https://example.com/api/pages/1"

Delete content: USE DELETE REQUEST for delete a content

If all goes well, the response should be a "204, not content" curl -X DELETE -H "Accept: application/json" -H "Authorization: Bearer here.myauth.token" -H "https://example.com/api/pages/1"

About REST and JWT

bolt-rest-api's People

Contributors

Stargazers

Watchers

Forkers

spivegin mamoot64 iskyd kouz75 victorkurauchi naph colorando-de

bolt-rest-api's Issues

Uncaught Exception: FatalErrorException

Bolt 3.4.6 with Rest 1.2.

At line $count = ($options['pagination']->count)(); it fails with the following error.

Uncaught Exception: FatalErrorException .
FatalErrorException in JsonApi.php line 200: 
Parse Error: syntax error, unexpected '('

            "${params['ct']}/latest",
            $options
        );

        // pagination
        $count = ($options['pagination']->count)();
       

        return array("content" => $results, "count" => $count);
    }

Removing that line, will continue with the following error: #6

Any plans on maintaining this project or is it archived?

Get JWT Token

Hi,

Actually, the JWT token is serve in the HEADER response.

It would be better, to serve JWT Token in the body, like follow :

{
   "token" : "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXUyJ9.eyJleHAiOjE0MzQ3Mjc1MzYsInVzZXJuYW1lIjoia29ybGVvbiIsImlhdCI6IjE0MzQ2NDExMzYifQ.nh0L_wuJy6ZKIQWh6OrW5hdLkviTs1_bau2GqYdDCB0Yqy_RplkFghsuqMpsFls8zKEErdX5TYCOR7muX0aQvQxGQ4mpBkvMDhJ4-pE4ct2obeMTr_s4X8nC00rBYPofrOONUOR4utbzvbd4d2xT_tj4TdR_0tsr91Y7VskCRFnoXAnNT-qQb7ci7HIBTbutb9zVStOFejrb4aLbr7Fl4byeIEYgp2Gd7gY"
}

Moreover, from the RFC 7519, HEADER must have the following informations :

{
       "typ":"JWT",
       "alg":"HS256"
}

What do you think about this minor changes ?

Undefined index: status

Uncaught Exception: ContextErrorException .

ContextErrorException in JsonApi.php line 73:
Notice: Undefined index: status

I'm usign Bolt 3.3.6

How to filter a field that is an array?

test1 = { field: ["Baker", "Marketing"] }

http.get(endpoint/api/model?filter[field]=["Baker"] || ["Marketing"])
the return is empty

http.get(endpoint/api/model?filter[field]=["Baker"])
the return is empty

http.get(endpoint/api/model?filter[field]=["Marketing"])
the return is empty

http.get(endpoint/api/model?filter[field]=["Marketing", "Baker"])
the return is empty

http.get(endpoint/api/model?filter[field]=["Baker", "Marketing"])
the return is test1

ContextErrorException in JsonApi.php line 248

Error occurs on calling Api. The line throwing the error is:
$options = (count($q > 0)) ? array_merge((array) $options, (array) $q) : $options;

I think it should become this:
$options = (count($q) > 0) ? array_merge((array) $options, (array) $q) : $options;

already fixed by Naph, so created pull request for his fork: #11

Extension doesn't work

Hi,

It's seems that extension doesn't work on Bolt 3.2.13
I think that the base config.yml.dist is not complete.
I have errors in the RestController because some config keys aren't defined.

// readMultipleContentAction & readContentAction
$isSoft = $this->config['delete']['soft'];
$softStatus = $this->config['delete']['status'];

Can you explain what is these config parts ?

Moreover,

// readMultipleContentAction 
if (array_key_exists('only_published', $this->config) && $this->config['only_published']) {
    $status = "published";
}

instead of

// readMultipleContentAction 
if ($this->config['only_published']) {
    $status = "published";
}

==> throw an Error

Thank's for your answer and your time.

Nicolas

Error when getting content

Uncaught Exception: ContextErrorException .

ContextErrorException in RestController.php line 201:
Notice: Undefined index: user

Bolt version is: 3.3.2

Cannot login with jwt

Using the curl command provided in the readme, some other variations, I can't authenticate at all.

Here's the sample command from the readme (obviously I replaced example.com, myuser and mypass with my domain and username/password settings from the extension config file:
curl -X POST -H "https://example.com/auth/login?username=myuser&password=mypass"
I get the response: curl: no URL specified!

When I remove the - H:
curl -X POST "https://example.com/auth/login?username=myuser&password=mypass"
The following HTML is returned:
`<title>Access Denied</title>

The page you are trying to access is restricted due to a security rule.

If you believe the security rule is affecting the normal operation of your website, contact your host support team and provide detailed instructions how to recreate this error.
They will be able to assist you with rectifying the problem and adjusting the security configuration if needed.

When I visit the url directly in Google Chrome I get this error:
MethodNotAllowedHttpException in RouterListener.php line 183:
No route found for "GET /auth/login": Method Not Allowed (Allow: POST, OPTIONS)

Are there some configuration steps missing from the readme?

Thanks,
Strak