定制 elidrissidev/magento-api2basicauth 二次开发

按需修改功能、优化性能、对接业务系统,提供一站式技术支持

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

elidrissidev/magento-api2basicauth

Composer 安装命令:

composer require elidrissidev/magento-api2basicauth

包简介

HTTP Basic authentication support for Magento 1.9 and OpenMage's Api2.

README 文档

README

This is a Magento 1.9/OpenMage extension that will add support for HTTP Basic Authentication in Api2 by introducing a new concept of "REST Users", which unlike the built-in OAuth adapter, doesn't require any human interaction and can be used to authenticate scripts and backends.

Installation

Manual

  1. Download the latest release and unpack it.

  2. Copy the app folder to the root of your magento store (choose the option to merge it with the existing content if prompted).

  3. Go to System / Cache Management and click "Flush Magento Cache" button on the top.

  4. To verify if the installation was successfull, look for a new option in System / Web Services menu called REST - Users. If you can't see it, make sure your admin user has permissions.

Composer

For OpenMage users, you can install this package easily by using composer:

$ composer require elidrissidev/magento-api2basicauth

Now you're ready to start using it!

Usage

Please do read the note below first.

If the installation is done properly, you should see a new option in System / Web Services menu called REST - Users, that's where you'll be able to create and manage the users that will be able to connect to the REST Api through Basic authentication.

Creating a user is not enough though, you'll have to give it access to some resources. This can be done the same way as usual by creating a REST Admin Role (System / Web Services / REST - Roles), then assigning it the user you created. Similarly, you'll have to also decide which resource attributes your REST users will have access to by going to System / Web Services / REST - Attributes, selecting REST User from the grid and selecting them from there.

Now you're ready to issue your first request! But first, you'll have to generate your authentication token, that is done by joining your username and password (Api key) with a colon (:) and encoding them in base64 (replace <username> and <password> with your own):

$ php -r "echo base64_encode('<username>:<password>') . PHP_EOL;"

You can now issue requests using your token (replace <token> with your own):

$ curl http://yourdomain.tld/api/rest/orders -H 'Accept: application/json' -H 'Authorization: Basic <token>'

If you get Access denied error, check that the role assigned to your user has access to the resource you're trying to access, and that your user is active. Additionally, you can check the logs.

Note: you may have noticed that this extension adds some new files to app/code/local. Those files are required to be able to use Basic authentication with the built-in REST endpoints in Magento, and because of the way it works, you need to add them in the same namespace as the module concerned (i.e. adding them inside the extension won't work). You can choose to not add them if you don't care about that.

A note about Basic authentication

Basic authentication is generally discouraged nowadays because it involves transfering user credentials over the network in base64 encoding, which can easily be decoded and viewed in plaintext. It is highly recommended that you use it only with an encrypted connection, and never issue requests from the client side as to not expose user credentials.

Conflicting extensions

  • Magestore_Webpos: This extension rewrites the Api2 Acl system and ends up allowing access to all resources and attributes for every REST User, regardless of the assigned role. Also overrides some of the built-in routes like /api/rest/orders, but this can be fixed by some small changes in the module's api2.xml.

Contributing

Please feel free to open an Issue if you find any bug, or have something to suggest. Translations to other languages are very welcome :).

License

This project is licensed under the MIT License.

elidrissidev/magento-api2basicauth 适用场景与选型建议

elidrissidev/magento-api2basicauth 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 21 次下载、GitHub Stars 达 5, 最近一次更新时间为 2022 年 05 月 28 日, 在 PHP 生态内属于活跃度较高的组件。

它主要适用于以下技术方向: 「magento」 「magento-module」 「openmage-module」 「openmage」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。

我们在过去多个企业项目中使用过 elidrissidev/magento-api2basicauth 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 elidrissidev/magento-api2basicauth 我们能提供哪些服务?
定制开发 / 二次开发

基于 elidrissidev/magento-api2basicauth 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 21
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 5
  • 点击次数: 0
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 5
  • Watchers: 2
  • Forks: 0
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2022-05-28