Plugin route Unauthenticated

Kirby 3 Solved ✅
1

Hello,

i am testing the api example from the docs without success.
I added this to the config/config.php

  'api' => [
      'allowInsecure' => true
    ]

this is my module index.php file.

plugins/test/index.php

Kirby::plugin('test/api', [
  'api' => [
    'routes' => [
      [
        'pattern' => 'my-endpoint',
        'action'  => function () {
          return [
            'hello' => 'world'
          ];
        }
      ]
    ]
  ]
]);

{“status”:“error”,“route”:“my-endpoint”,“exception”:“Kirby\Exception\PermissionException”,“message”:“Unauthenticated”,“key”:“error.permission”,“file”:"",“line”:12,“details”:[],“code”:403}

thx!

2

From where are you calling your endpoint? How are you authenticating? If you are using Basic Authentication, you have to allow that in your config as well.

3

Good morning texnixe,

from the browser and postman. I do not have any authentification.
I just want to make an endpoint for simple ajax calls with no auth required.
Am i wrong?

4

The API needs authentication, so to call your endpoint in Postman, you have to first allow Basic Authentication in your config:

   'api' => [
        'allowInsecure' => true,
        'basicAuth' => true
    ],

And secondly add your authentication credential (I use the Rested app, not Postman, but I guess you can add your credentials somewhere in Postman as well).

If you only want an endpoint with no authentication, use a normal route outside the API.

5

my backend auth credentials?

$response = Remote::get('https://yoursite.com/api/pages/example', [
  'headers' => [
    'Authorization: Basic ' . base64_encode($email . ':' . $password)
  ]
]);

$page = json_decode($response->content())->data;
6

Yes, that Basic Authentication example is PHP. To use authentication in JS, you would go down the session based authentication example.

As I said, if you want a simple Ajax endpoint without authentication at all, use a standard route.

7

thanks alot!