How to create a Logout function in Processmaker 3.0 using the Rest API?

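I am developing a REST API in Process-maker 3.0, in which a user can log in with OAuth 2.0 password authorization.

We get the access token and Oauthcredential.json is updated automatically. When the user logs in with the credentials (client_id, client_secret, username and password), the cookies are set. It points to the REST endpoints, as shown in the link: http://wiki.processmaker.com/3.0/Calling_REST_Endpoints

If the cookie is not set or has been cleared, it should redirect to the login page, or when the user clicks the logout button, it should redirect to the login page.

Code for the login page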

<html><head>
 <meta charset="utf-8">
 <meta http-equiv="X-UA-Compatible" content="IE=edge">
 <meta name="viewport" content="width=device-width, initial-scale=1">  
</head>
<body>
<form action="check_login.php" method="post">
 Client ID<br>
 <input type="text" name="client_id" value="" width=32 /><br>
 Client Secret<br>
 <input type="text" name="client_secret" value="" width=32 /><br>
 Username<br>
 <input type="text" name="username" value="" width=20 /><br>
 Password<br>
 <input type="password" name="password" value="" width=20 /><br>
<input type="submit" value="Login"/>
</form>
</body>
</html>

After a successful login, it goes to the checklogin.php page

<?php
//read the submitted form fields (empty string if a field is missing):
$clientId     = isset($_POST['client_id'])     ? $_POST['client_id']     : '';
$clientSecret = isset($_POST['client_secret']) ? $_POST['client_secret'] : '';
$username     = isset($_POST['username'])      ? $_POST['username']      : '';
$password     = isset($_POST['password'])      ? $_POST['password']      : '';

//change the server address and workspace to match your system:
$pmServer    = "http://127.0.0.1/api/1.0/workflow";
$pmWorkspace = 'workflow';

function pmRestLogin($clientId, $clientSecret, $username, $password) {
  global $pmServer, $pmWorkspace;
  $postParams = array(
    'grant_type'    => 'password',
    'scope'         => '*',       //set to 'view_process' if not changing the process
    'client_id'     => $clientId,
    'client_secret' => $clientSecret,
    'username'      => $username,
    'password'      => $password
  );
  //debug messages go to the error log: output sent before setcookie()/header()
  //would stop the cookies and the redirect from being sent
  error_log("after function");
  $ch = curl_init("$pmServer/oauth2/token");
  curl_setopt($ch, CURLOPT_TIMEOUT, 30);
  curl_setopt($ch, CURLOPT_POST, 1);
  curl_setopt($ch, CURLOPT_POSTFIELDS, $postParams);
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

  $oToken = json_decode(curl_exec($ch));
  $httpStatus = curl_getinfo($ch, CURLINFO_HTTP_CODE);
  curl_close($ch);

  if ($httpStatus != 200) {
    print "Error in HTTP status code: $httpStatus\n";
    return null;
  }
  else if (isset($oToken->error)) {
    print "Error logging into $pmServer:\n" .
      "Error:       {$oToken->error}\n" .
      "Description: {$oToken->error_description}\n";
  }
  else {
    //At this point $oToken->access_token can be used to call REST endpoints.

    //If planning to use the access_token later, either save the access_token
    //and refresh_token as cookies or save them to a file in a secure location.

    //If saving them as cookies:
    setcookie("access_token",  $oToken->access_token,  time() + 60*5);
    setcookie("refresh_token", $oToken->refresh_token); //refresh token doesn't expire
    setcookie("client_id",     $clientId);
    setcookie("client_secret", $clientSecret);

    error_log("saving cred in file");
    //If saving to a file:
    file_put_contents("oauthCredentials.json", json_encode($oToken));
    //include the path in the filename if not located in the same directory:
  }

  return $oToken;
}

$oToken = pmRestLogin($clientId, $clientSecret, $username, $password);

if (isset($oToken) and isset($oToken->access_token)) {
  //can now call REST endpoints using $oToken->access_token
  // $oRet = pmRestRequest("GET", "/api/1.0/workflow/users", null, $oToken->access_token);
  header("location: cases.php");
  exit; //stop here so nothing else runs after the redirect
}
?>

After a successful login it goes to cases.php

            <?php
            $pmServer = "http://127.0.0.1"; //set to your ProcessMaker address

            $accessToken = isset($_COOKIE['access_token']) ? $_COOKIE['access_token'] : getAccessToken();

             /*check cookie expired or not*/
              if (empty($accessToken) and isset($_COOKIE['access_token']))
                  $accessToken = $_COOKIE['access_token'];

               if (empty($accessToken)) { //if the access token has expired
                  //To check if the PM login session has expired: !isset($_COOKIE['PHPSESSID'])
                  header("Location: formLogin.php"); //change to match your login method
                  die();
               }
               /***************************/


            $ch = curl_init($pmServer . "/api/1.0/workflow/users");
            curl_setopt($ch, CURLOPT_HTTPHEADER, array("Authorization: Bearer " . $accessToken));
            curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
            $aUsers = json_decode(curl_exec($ch));
            $statusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
            curl_close($ch);

            if ($statusCode != 200) {
               /*if (isset ($aUsers) and isset($aUsers->error))
                  print "Error code: {$aUsers->error->code}\nMessage: {$aUsers->error->message}\n";
               else
                  print "Error: HTTP status code: $statusCode\n";*/
              header("Location: formLogin.php"); //change to match your login method
                  die();

            }
            else {
               foreach ($aUsers as $oUser) {
                  if ($oUser->usr_status == "ACTIVE") {
                     print "{$oUser->usr_firstname} {$oUser->usr_lastname} ({$oUser->usr_username})\n";
                  }
               }
            }
            ?>



            <body>
              <div data-role="page">
                  <div data-role="header" data-position="fixed">
                      <h1>My Cases</h1>
                  </div>

                  <div role="main" class="ui-content">
                    <ul data-role="listview" data-inset="false" data-divider-theme="a">
                        <li data-role="list-divider">Home</li>
                        <li><a href="todo-list.html">Inbox</a></li>
                        <li><a href="jlogin.html">Logout</a></li>
                    </ul>
                  </div>

                  <div data-role="footer" data-position="fixed">  
                  </div>
              </div>


            </body>


            </html>

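In cases.php, when the session ID is not set, it should redirect to formLogin.php, but this does not work.

Thanks in advance.

I would recommend not using the HTTP code to check whether someone is logged in. The reason is: if there is an error code, for example a 404, or something else is not working, but the user is not expecting to be logged out, you should be able to handle that in your application UI.

Instead, I would recommend using a session variable to store the access token, and then, when the user clicks the logout button, simply destroying that variable and redirecting them to the login page.

Here is an example of an application I built with the ProcessMaker REST API that lets you log in via OAuth 2 using the authorization code grant type and that also handles logout. The only difference between my application and yours is that mine is a SPA written in AngularJS and yours is in PHP. But the concepts are the same.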

https://github.com/ethnp/pmangular
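
The session-based approach from the answer, written out in PHP as an added example (it is not part of the original posts or of the linked pmangular project). The file name `session_guard.php`, the helper names, `logout.php` and the `expires_at` session key are hypothetical; it also assumes the token response carries the standard OAuth 2.0 `expires_in` field.

```php
<?php
// session_guard.php: added example; file and function names are hypothetical.
// Assumes PHP 7.3+ and that the login script, after a successful token request, ran:
//   session_regenerate_id(true);
//   $_SESSION['access_token'] = $oToken->access_token;
//   $_SESSION['expires_at']   = time() + (int) $oToken->expires_in;

const LOGIN_PAGE = 'formLogin.php'; // login page name used in the question

function startSecureSession(): void
{
    if (session_status() === PHP_SESSION_NONE) {
        session_set_cookie_params([
            'httponly' => true,   // session id not readable from JavaScript
            'samesite' => 'Lax',
            'secure'   => !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off',
        ]);
        session_start();
    }
}

// Call at the top of cases.php, before any output, and use the returned token
// in the "Authorization: Bearer" header.
function requireLogin(): string
{
    startSecureSession();
    $expired = ($_SESSION['expires_at'] ?? 0) <= time();
    if (empty($_SESSION['access_token']) || $expired) {
        logout(); // redirects and exits, does not return
    }
    return $_SESSION['access_token'];
}

// Call from logout.php (hypothetical), the page the Logout link points to.
function logout(): void
{
    startSecureSession();
    $_SESSION = [];   // drop the token on the server side
    $p = session_get_cookie_params();
    setcookie(session_name(), '', time() - 3600, $p['path'], $p['domain'], $p['secure'], $p['httponly']);
    session_destroy();
    // Expire the cookies set by the question's login script (same directory, so the default path matches).
    foreach (['access_token', 'refresh_token', 'client_id', 'client_secret'] as $name) {
        setcookie($name, '', time() - 3600);
    }
    header('Location: ' . LOGIN_PAGE);
    exit;
}
```

With the token held in `$_SESSION`, only the session id reaches the browser, so the access token, refresh token and client secret no longer need to be stored in cookies at all.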
