"APIUser" requires authentication, and not currently authenticated.
Posted: Fri Feb 24, 2023 12:36 am
I can do a CRUD operation successfully on Postman, but when I try other platforms or another way like creating a script on PHP(using the PHP source code provided on TimeTrex API documentation) or sending a CURL command request on the terminal, I always get "APIUser" requires authentication, and not currently authenticated. But the inputs(like sessionId, class, and method) I used was the same as the Postman I used.
Here's a screenshot that working on Postman:
But when I try to run it on terminal using Curl command that I got from the postman snippet. I will get the "APIUser" requires authentication, and not currently authenticated error.
This same goes to the PHP file I copied from the documentation..
Here's a screenshot that working on Postman:
- Successful request on postman
- Code Snippet - Curl from Postman
Code: Select all
<?php
//Build URL given a Class and Method to call.
//Format is: http://demo.timetrex.com/api/json/api.php?Class=&Method=&SessionID=
function buildURL( $class, $method ) {
global $TIMETREX_URL;
$url = $TIMETREX_URL . '?Class=' . $class . '&Method=' . $method;
return $url;
}
//Handle complex result.
function handleResult( $result, $raw = false ) {
if ( is_array( $result ) && isset( $result['api_retval'] ) ) {
if ( $raw === true ) {
return $result;
} else {
if ( $result['api_retval'] === false ) {
if ( php_sapi_name() == 'cli' ) {
$eol = "\n";
$space = " ";
} else {
$eol = "<br>\n";
$space = "-";
}
//Display any error messages that might be returned.
$output[] = 'Returned:';
$output[] = ( $result['api_retval'] === true ) ? ' IsValid: YES' : ' IsValid: NO';
if ( $result['api_retval'] === true ) {
$output[] = ' Return Value: ' . $result['api_retval'];
} else {
$output[] = ' Code: ' . $result['api_details']['code'];
$output[] = ' Description: ' . $result['api_details']['description'];
$output[] = ' Details: ';
$details = $result['api_details']['details'];
if ( is_array( $details ) ) {
foreach ( $details as $row => $row_details ) {
if ( isset( $row_details['error'] ) ) { //When importing data, each row has its own validation object, which could contain the "error" sub-element.
$tmp_row_details = $row_details['error'];
} else {
$tmp_row_details = $row_details;
}
$output[] = ' Row: ' . $row;
foreach ( $tmp_row_details as $field => $msgs ) {
$output[] = str_repeat( $space, 2 ) .'Field: ' . $field;
foreach ( $msgs as $msg ) {
$output[] = str_repeat( $space, 4 ) .'Message: ' . $msg;
}
}
}
}
}
$output[] = '==============================================================';
$output[] = '';
echo implode( $eol, $output );
}
return $result['api_retval'];
}
}
return $result;
}
//Post data (array of arguments) to URL
function postToURL( $url, $data = null, $raw_result = false ) {
$curl_connection = curl_init();
curl_setopt( $curl_connection, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1 );
curl_setopt( $curl_connection, CURLOPT_URL, $url );
curl_setopt( $curl_connection, CURLOPT_REFERER, $url ); //**IMPORTANT: Referer should always be sent to avoid requests being rejected due to CSRF security checks.
curl_setopt( $curl_connection, CURLOPT_CONNECTTIMEOUT, 600 );
curl_setopt( $curl_connection, CURLOPT_RETURNTRANSFER, true );
curl_setopt( $curl_connection, CURLOPT_SSL_VERIFYPEER, false );
curl_setopt( $curl_connection, CURLOPT_SSL_VERIFYHOST, false );
curl_setopt( $curl_connection, CURLOPT_FOLLOWLOCATION, 0 );
global $TIMETREX_API_KEY;
curl_setopt( $curl_connection, CURLOPT_HTTPHEADER, [ 'Cookie: SessionID='. $TIMETREX_API_KEY ] ); //Send API Key as a cookie.
//When sending JSON data to POST, it must be sent as: json=
// should be an associative array with the first level being the number of arguments, where each argument can be of mixed type. ie:
// array(
// 0 => ,
// 1 => ,
// 2 => ,
// ...
// )
echo "==============================================================\r\n";
echo "Posting data to URL: " . $url . "\n";
if ( $data !== null ) {
$post_data = 'json=' . urlencode( json_encode( $data ) );
curl_setopt( $curl_connection, CURLOPT_POSTFIELDS, $post_data );
echo " POST Data: " . $post_data . "\n";
}
echo "--------------------------------------------------------------\n";
$result = curl_exec( $curl_connection );
curl_close( $curl_connection );
return handleResult( json_decode( $result, true ), $raw_result );
}
/*
Global variables
*/
$TIMETREX_URL = 'http://localhost/timetrex/api/json/api.php';
$TIMETREX_API_KEY = 'APIb577e7a21a99d96f02bd66932fe5ddb37a110018'; //**IMPORTANT** Use the registered API key/Session ID from above.
$arguments = array( 'filter_data' => array(
'id' => '0b8030ad-7c17-4fe4-b517-63f7a221b253'
//'user_name' => 'john.doe567',
)
);
$user_data = postToURL( buildURL( 'APIUser', 'getUser' ), array( $arguments ) );
?>
