News:

SMF 2.1.4 has been released! Take it for a spin! Read more.

Main Menu

Using SSI Login as a API

Started by Starz0r, September 26, 2015, 04:08:16 PM

Previous topic - Next topic

Starz0r

Bet your getting tired of me posting here :)

Anyway, I've looked at the SSI Examples and need to know if these can be used as a public API. I want people to be able to use their logins on games that the community makes, and I have to make a downloadable client, but don't want to give out database password in order for it to work and get hacked. The API also has to work as a JSON request because most of the games in the community are made in GameMaker and that software has built in Post requests for decoding JSON files.

thanks again.

Kindred

No...   SSI is different from an API.   SMF *DOES* have an API (see the wiki)

http://wiki.simplemachines.org/smf/Category:Integrating_SMF
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Starz0r

Quote from: Kindred on September 26, 2015, 07:21:27 PM
http://wiki.simplemachines.org/smf/Category:Integrating_SMF

I think this would be pretty good, but I need a public API. Something around the lines of oAuth or each account having a Token that they can use, I don't want people to be able to use their passwords in User-Made Games. That can create some huge security problems. If it is impossible to make with the Vanilla API, then I'll look into modding it in, if I know where to look for Hooks.

ziycon

You could easily write an simple interface that validates a users details against the SMF database using SSI, with a little bit of work it's quite possible.

Starz0r

Started writing the interface and using the following code gave me a 500 Internal Server Error


<?php require_once('path/to/forum/SSI.php'); ?>


Obviously, the /path/to/forum/ is replaced with the path to the actual path, but it just gives me an error when adding it to the top of a PHP file.

Starz0r

Nevermind, seems I wasn't referring to the file correctly. I have to ask though, is there a way to apply CSS to the functions such as ssi_login()? I'm reading the manual and it really doesn't say anything about it.

ziycon

You shouldn't have a login box via the api, it should just take requests and return data, slim framework is very easy to use and will handle all your requests.

With regard to CSS, just add the relevant styling to whatever CSS file you use on the page that ssi_login() is being used.

Starz0r

Quote from: ziycon on October 01, 2015, 03:33:17 AM
You shouldn't have a login box via the api, it should just take requests and return data, slim framework is very easy to use and will handle all your requests.

I'm talking about the webpage SSI right now. Adding the API will be the second step once I finish being able to login to the webpage.

Quote from: ziycon on October 01, 2015, 03:33:17 AM
With regard to CSS, just add the relevant styling to whatever CSS file you use on the page that ssi_login() is being used.

I don't understand, I already have the CSS I want to use, but using ssi_login() gives me a rather plain login box, what am I supposed to do with it to make the CSS apply to it? Is putting the PHP code at the bottom of the page wrong? Or am I just missing a rather small detail that will allow me to do what I want?

Kindred

use firefox + firebug or chrome developer to find out the CSS used in displaying the login box.... and then define your own at a higher level (thus overriding the forum css that is applied to the ssi_login box by default)
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Starz0r

Quote from: Kindred on October 01, 2015, 08:13:46 AM
use firefox + firebug or chrome developer to find out the CSS used in displaying the login box.... and then define your own at a higher level (thus overriding the forum css that is applied to the ssi_login box by default)

By define your own, I would assume you mean in the website's CSS file and not in the PHP/HTML file itself correct?

Kindred

Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Starz0r

Using ssi_login() doesn't even seem to save after logging in, it just redirects to the forum with you being signed in. If you go back to the page with the login, it acts as if you didn't just sign in. Even the SSI Example file did this but going back to the same page still recognized you were logged in. The redirects you would use don't seem to work either, it just kicks you back to the forum index.

What's up with this?

Kindred

Do you have local cookies turned OFF and subdomain independent cookies turned ON?
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Starz0r

Quote from: Kindred on October 02, 2015, 08:06:09 AM
Do you have local cookies turned OFF and subdomain independent cookies turned ON?

How would I even go about doing this if indeed I have local cookies turned on and independent cookies turned off?

Kindred

Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Starz0r

Quote from: Kindred on October 02, 2015, 07:23:51 PM
smf admin > server settings

Now I am unable to login completely, forum wise and sub domain wise...

EDIT
The error I am getting is: You were unable to login. Please check your cookie settings.

EDIT2
Now it's looking really odd, I 'signed in' but can't do anything but see this message saying
Sorry, but you've reached your login attempts threshold. Please wait 30 seconds and try again later.

EDIT3
Back to normal, but still can't sign in? Normal users seem unaffected by this...

Starz0r

With the help of my admin friend, I was able to retain access to the forum by deleting my subdomain testing cookie. Honestly though, what caused it to act this weird when signing in with the sub domain with cookies on, this type of bug makes no sense.

Advertisement: