It's my first using slim 3 framework skeleton project, they say
There is also a skeleton project which will give you a quick-start for a sample application, so use that if you’d rather just have
something working rather than exploring how all the moving parts
work.
In real life it so hard to integrate JSON Web Token Authentication Middleware
I try to following step by step in tutorial but still not working.
Please help me ?
this is my code
middleware.php
$app->add(new \Slim\Middleware\JwtAuthentication([
"path" => "/",
"passthrough" => "/test",
"secret" => "thisissecret"
]));
and my / route
routes.php
$app->get('/',App\MemberController::class);
but the result is like this image below, 401: Unauthorized
You are misunderstanding the parameter secret. It is not the the token. It is the secret key you use to sign the token.
It is up to you how you generate the token. There is for example an online tool. You can also generate token with PHP.
use Firebase\JWT\JWT;
$payload = [
"sub" => "user#example.com"
];
$token = JWT::encode($payload, "thisissecret", "HS256");
Before using JWT is is good idea to read this introduction.
1. Generate Token
Using firebase/php-jwt
$payload = [
"sub" => "user#example.com"
];
$token = JWT::encode($payload,'JWT-secret-key');
2. .htaccess Changes
If using Apache add the following to the .htaccess file. Otherwise PHP wont have access to Authorization: Bearer header
RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
3. Middleware
$app->add(new \Slim\Middleware\JwtAuthentication([
"path" => "/api",
"passthrough" => ["/test"],
"secret" => "JWT-secret-key",
"secure" => false,
"callback" => function ($request, $response, $arguments) use ($container) {
$container["jwt"] = $arguments["decoded"];
},
"error" => function ($request, $response, $arguments) {
$data["status"] = "0";
$data["message"] = $arguments["message"];
$data["data"] = "";
return $response
->withHeader("Content-Type", "application/json")
->write(json_encode($data, JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT));
}
]));
4. Correct Request
5. Wrong Token Request
Reference Link
if you are using apache server and serve over https protocol then your .htaccess file looks like
RewriteEngine On
RewriteCond %{HTTPS} On
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php [L,QSA]
# Set the headers for the restful api
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Max-Age "1000"
Header always set Access-Control-Allow-Headers "X-Requested-With, Content-Type, Accept, Origin, Authorization"
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT, PATCH"
Related
I developed a REST API using php and slim, I am trying to optimize it , for a simple empty request with slim I have 56requests per second , and if I don't use slim I have 259r/s .
What Should I do to reach 259r/s with Slim
-- Index.php
use \Slim\App;
$container=include('Config/Container.php');
$app = new App($container);
$app->get('/metro',function(){
echo "metro";
});
-- container.php
$config = [
'settings' => [
'displayErrorDetails' => true,
'mode'=>'developpement',
'determineRouteBeforeAppMiddleware' => true,
'addContentLengthHeader' => false,
]
];
.htacess
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [QSA,L]
RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
php_flag display_errors 1
All frameworks are by definition slower than no-code as there's more going on.
i.e.
<?php
echo 'metro';
is going to be much faster than a Slim application with this code:
use \Slim\App;
$config = include 'Config/Container.php';
$app = new App($config);
$app->get('/metro', function($request, $response){
return $response->write("metro");
});
$app->run();
This is because the Slim application is doing a lot more to enable it to respond to different URLs (routing) and handle error situations. That is the first block of code will not send back a 404 if you go to the /foo URL.
To compare, you need to make the "non-framework" version have the same functionality as the Slim version. The performance difference will be much smaller.
I'm new in Yii2 so I have Brands table with their types ('brand', 'author', 'company') and their slug name so I need the URL like that www.site.com/{brand_type}/{brand_slug} without controller name so how to do that ?
This is commonly called pretty URLs. To do achieve that in Yii2 put this in your app config file under 'components' key
'urlManager' => [
'enablePrettyUrl' => true,
'showScriptName' => false,
'rules' => [
// ...
'<type:\w+>/slug:\w+>' => 'yourcontroller/youraction',
// ...
],
],
The result is that when you passed a URL in the format you specified, your controller will $type and $slug as parameters you can use in your controller which is expected to take the form:
class YourcontrollerController extends YourBaseController
{
...
public function actionYouraction($type, $slug)
{
// Do whatever you want with these variables
}
...
}
Notice that you will need your web server to configure executing your app's index.php even if it is not in the URL. For Apache this can be done, for example, using .httaccess (More details here) :
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.php
The Definitive Guide to Yii 2.0 has an excellent section about this topic
I need a little help(I am not a pro),
My .htaccess file looks like this:
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([^/]+)$ url.php?p1=$1 [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([^/]+)/([^/]+)$ url.php?p1=$1&p2=$2 [L]
and I would like to display the content on the basis of number of parameters (on the basis of type(in future))
What I wish to know is
$p1 = $_GET['p1'];
$p2 = $_GET['p2'];
if p2 = ""
{
echo "something";
}
else
{
echo "something";
}
Will the above code work without any issue?
What all errors can occur?
Is there a better way to handle this?
How wordpress handles this?
Note: I wish to display the contents on the basis of more than 3 params and type of params as well.
Generally speaking this isn't the greatest way to go about it. It's better to use a router which basically uses a single htaccess rule to catch all requests where a file/folder doesn't exist and then send them to a single php file. That file then initializes the router which figures out what the parameters are based on patterns matched against the request URI.
For example using the symfony/routing component in index.php:
// this is our index.php
// assuming we installed with composer
// and that the vendor dir is one level up from the document root
require_once __DIR__.'/../vendor/autoload.php';
use Symfony\Component\Routing\Matcher\UrlMatcher;
use Symfony\Component\Routing\RequestContext;
use Symfony\Component\Routing\RouteCollection;
use Symfony\Component\Routing\Route;
// Create a Route Collection
$routes = new RouteCollection();
// lets use an array to define our routes
$routeDefinitions = array(
'foo_archive' => array(
// note the {} wraped parts are params
'path' => '/foo/{p1}/{p2}',
'defaults' => array('controller' => 'foo/archive.php'),
'requirements' => array(
// not a very specific match but lets pretend this matches a
// category or something
'p1'=> '[a-z0-9-_]+',
// matches a date
'p2'=> '[0-9]{4}-[0-9]{2}-[0-9]{2}',
)
// there are other things we can add like options, a requrired host,
// or a specific HTTP mehtod (PUT, GET, POST, etc.)
),
'foo_index' => array(
'path' => '/foo',
'defaults' => array('controller' => 'foo/index.php')
);
);
// let's add our routes
$routeReflector = new \ReflectionClass('Symfony\Component\Routing\Route');
foreach ($routeDefinitions as $name => $def) {
$routes->add($name, $routeReflector->newInstanceArgs($def));
}
$context = new RequestContext($_SERVER['REQUEST_URI']);
$matcher = new UrlMatcher($routes, $context);
$parameters = $matcher->match($_SERVER['PATH_INFO']);
/* so assuming PATH_INFO matched one of our patterns and its
requirements parameters will be an array -
lets pretend PATH_INFO had: /foo/bar/2014-04-20
so we would have an array like:
array(
'controller' => 'archive.php',
'_route' => 'foo_archive',
'p1' => 'bar',
'p2' => '2014-04-20'
)
*/
$controllersDir = realpath(__DIR__ . '/controllers');
$controller = $controllersDir . '/' . $parameters['controller'];
if (file_exists($controller) {
// include our controller and let it do its work
// note that normally you would be instantiating a controller object
// here and invoking some method on it, but for ease of example lets
// just assume it a normal php file with all the logic for the page
include($controller);
} else {
// generate a 500 or 404 error depending on how you want to handle
// it
}
And then your .htaccess would be something like:
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /index.php [QSA,L]
Alternatively, if you are open to it you could use a Microframework like Silex which would wire all this up for you and give an out of the box way to do things.
Silex Example (index.php):
// assuming we installed with Composer
// and that the vendor dir is one level up from the document root
require_once __DIR__.'/../vendor/autoload.php';
$app = new Silex\Application();
// you can define routes as closures like this but normally
// I prefer to use classes... You can look at the docs for
// how to do that: http://silex.sensiolabs.org/doc/usage.html#controllers-in-classes
$app->get('/foo/{p1}/{p2}', function($p1, $p2) use($app) {
// do whatever logic you need to do to render the page
});
$app->get('/foo}', function() use($app) {
// do whatever logic you need to do to render the page
});
$app->run();
I have the following url structures in my Yii2 application
http://127.0.0.1/frontend/web/index.php?r=site%2Flogin
http://127.0.0.1/frontend/web/index.php?r=site%2Fpage2
http://127.0.0.1/frontend/web/index.php?r=site%2Fsample
http://127.0.0.1/frontend/web/index.php?r=site%2Fsignup
How can I convert that URL to something like
http://127.0.0.1/login.php
http://127.0.0.1/page2.php
http://127.0.0.1/sample.php
http://127.0.0.1/signup.php
I should remove frontend/web/index.php?r=site%2F
I tried like and it didn't work
Options -Multiviews
RewriteEngine On
RewriteBase /
# Force search engines to use http://127.0.0.1/frontend/web/
RewriteCond %{HTTP_HOST} !^http://127\.0\.0\.1/frontend/web/$
RewriteRule ^(.*) http://127.0.0.1/frontend/web/$1 [R=301,L]
# Specify search friendly URLs
RewriteRule ^login\.php$ /index.php?r=site%2Flogin [L]
I also tried like and it didn't work too.
RewriteEngine on
RewriteRule ^frontend/web/index.php?r=site%2F([^\./]+) /$1.php [L]
No need to change .htaccess to achieve this. Adjust urlManager component.
Add this to your application config:
'components' => [
'urlManager' => [
'enablePrettyUrl' => true, // Cancel passing route in get 'r' paramater
'showScriptName' => false, // Remove index.php from url
'suffix' => '.php', // Add suffix to all routes (globally)
],
// Compare requested urls to routes
'rules' => [
'login' => 'site/login',
'page2' => 'site/page2',
'sample' => 'site/sample',
'signup' => 'site/signup',
],
],
As for removing controller part from all other routes - it violates key MVC concepts.
How you define to which controller requested action belongs in that case?
And what in case of actions with the same name?
For example: http://127.0.0.1/create.php - should it load site/create or users/create?
Also I don't sure if it's good practice, but you can write comparisons to all routes the same way with rules, but all action names should be unique.
Conclusion: you can modify urls to desired view as I mentioned above, but omitting controller names is only recommended for default controller (SiteController).
Official documentation:
UrlManager
$enablePrettyUrl
$showScriptName
$suffix
$rules
Routing and URL Creation
I have an yii advanced app with frontend and backend.
What I try to achieve is that I can access the frontend with the name of a customer.
Example (local): http://localhost/myproject/frontend/web/customer1 should become http://localhost/myproject/frontend/web/customer1/site/login at first visit
And after login the name of the customer should stay in the URL. At the moment the URL changes after login to http://localhost/myproject/frontend/web/
Info:
customer is a GET parameter. It should always be the first argument after http://localhost/myproject/frontend/web/ but I don't want to specify the argument in each redirect or custom link. I hope there's a way to keep this argument and pass it to each of the following site changes.
What I have tried so far:
'urlManager' => [
'class' => 'yii\web\UrlManager',
'enablePrettyUrl' => true,
'showScriptName' => false,
'enableStrictParsing' => true,
'rules' => [
'<controller>/<action>' => '<controller>/<action>',
'<customer:\w+>' => '/site/login',
]
],
But this is not working. I can only access the login page and afterwards the customer name is not showing anymore in the URL.
My .htaccess file looks like this:
RewriteEngine on
# If a directory or a file exists, use it directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# Otherwise forward it to index.php
RewriteRule . index.php
I'm really appreciate any hints on this topic.
To prepend customer name to all urls modify your url rule:
<customer:\w+>/<controller>/<action>' => '<controller>/<action>,
If you now call yii\helpers\Url::to(['site/index', 'customer' => 'customer'])the output will be as you want - /customer/site/index.
Howewer calling it like that in entire project is not flexible approach.
Most of the times Url::to() method is used for generating internal urls.
If you pass array in $route, it will call Url::toRoute(). So you can simply override that method in your custom component.
namespace frontend\components;
use yii\helpers\Url as BaseUrl;
class Url extends BaseUrl
{
public static function toRoute($route, $scheme = false)
{
$customer = ... // Get saved after login customer name (for example from the session)
$route['customer'] = $customer;
return parent::toRoute($route, $scheme);
}
}
Then you can simply call frontend\components\Url::to(['site/index']) to achieve the same result.
Alternative way of customizing helper classes described in official documentation here.
Update:
Also this url rule '<customer:\w+>' => '/site/login', is redundant and the url should be just site/login, because any user before signing in is guest.