not logged in?

pyroxide · June 10, 2015, 07:48:19 AM

I'm having trouble with my customer API. Immediately after getting a successful login response and parsing the token from it, the cart says that I am not logged in. I'm using version 1.2.2.

my log is attached.

pyroxide · June 10, 2015, 02:35:00 PM

I discovered that the test_api.php works on my web server but I am still having trouble with the login from my app.

eCommerce Core · June 11, 2015, 07:00:39 AM

Do you have HTTPS enabled?
Can you post exact request and response?

pyroxide · June 11, 2015, 07:58:23 AM

using SSL

this is my log:

POSTed login form:
URL: https*
rt=a/account/login
email=my e-mail
password=password
UnityEngine.MonoBehaviour:print(Object)
<PostLogin>c__Iterator4:MoveNext() (at Assets/Scripts/RequestController.cs:791)

{"status":1,"success":"Logged in","token":"43c3ed78a8b12bc7d01f6193cd47cafe"}
UnityEngine.MonoBehaviour:print(Object)
<PostLogin>c__Iterator4:MoveNext() (at Assets/Scripts/RequestController.cs:792)

token=43c3ed78a8b12bc7d01f6193cd47cafe
UnityEngine.MonoBehaviour:print(Object)
<PostLogin>c__Iterator4:MoveNext() (at Assets/Scripts/RequestController.cs:806)

verifying still logged in..
UnityEngine.MonoBehaviour:print(Object)
<PostLogin>c__Iterator4:MoveNext() (at Assets/Scripts/RequestController.cs:814)

POSTed login form:
URL: https*
rt=a/account/login
token=43c3ed78a8b12bc7d01f6193cd47cafe
UnityEngine.MonoBehaviour:print(Object)
<PostLogin>c__Iterator4:MoveNext() (at Assets/Scripts/RequestController.cs:821)

HEADERS: STATUS=HTTP/1.1 401 Unauthorized
DATE=Thu, 11 Jun 2015 11:48:29 GMT
SERVER=Apache
X-POWERED-BY=PHP/5.3.29
EXPIRES=Thu, 19 Nov 1981 08:52:00 GMT
CACHE-CONTROL=no-store, no-cache, must-revalidate, post-check=0, pre-check=0
PRAGMA=no-cache
ACCESS-CONTROL-ALLOW-ORIGIN=
ACCESS-CONTROL-ALLOW-CREDENTIALS=true
SET-COOKIE=currency=USD; expires=Sat, 11-Jul-2015 11:48:29 GMT; path=/; domain=www.*.com
TRANSFER-ENCODING=chunked
CONTENT-TYPE=application/json

UnityEngine.Debug:Log(Object)
<PostLogin>c__Iterator4:MoveNext() (at Assets/Scripts/RequestController.cs:832)

{"status":0,"request":"unauthorized"}
UnityEngine.MonoBehaviour:print(Object)
<PostLogin>c__Iterator4:MoveNext() (at Assets/Scripts/RequestController.cs:834)

eCommerce Core · June 11, 2015, 08:40:21 AM

When you do login request and later you pass the token, are these both requests sent via HTTPS to the same domain?

eCommerce Core · June 11, 2015, 09:21:42 AM

Are you using callback? This might be related to cross domain issue.

http://www.abantecart.com/document_wiki/index.php/Storefront_API_for_mobile_and_remote_access

pyroxide · June 11, 2015, 01:33:33 PM

~~Same domain.~~ No callback.

EDIT: The requests are being sent from either mobile devices or my home computer.

eCommerce Core · June 12, 2015, 11:19:01 AM

Try callback. I suspect this can be related to cross domain

pyroxide · June 15, 2015, 03:08:28 PM

I tried allowing cross-domain via htaccess. Headers reflected change, but I am still getting "401 Unauthorized". Perhaps I need to change a file in the shopping cart?

I'm coding everything in C#, not JQuery or JavaScript. I have no idea if callback is even possible in this case as my parser (SimpleJSON) does not have this feature.

pyroxide · June 15, 2015, 03:53:29 PM

I probably just don't understand callback.

eCommerce Core · June 16, 2015, 03:20:29 PM

Quote from: pyroxide on June 15, 2015, 03:08:28 PM
I tried allowing cross-domain via htaccess. Headers reflected change, but I am still getting "401 Unauthorized". Perhaps I need to change a file in the shopping cart?

I'm coding everything in C#, not JQuery or JavaScript. I have no idea if callback is even possible in this case as my parser (SimpleJSON) does not have this feature.

Probably cross-domain is not an issue here.
We need to debug this some how. You can enable debug log 5 (settings -> system) to save to log file and run login and later access with the token. Let's see what is happening.

News:

not logged in?