Backend connection not possible (missing $authkey value?)

[flo71]

After setting up the backend with INSTALL.php (using existing MySQL DB, successful setup message), I continue to get the message "API did not send back a header with the version information" in the app.

When looking at the php files on the server, I can see in config.php all MySQL values are filled, but the first line is: $authKey = '';

So does that mean the install routine did not successfully hash the authentication token? On the other hand, it seems like it does not even get to authentication ...

Can you give me any other hint at what I might be doing wrong? My host is: "http://mydomain/shoppinglist-dir/" or should I ditch the trailing slash? Do I need to configure the .htaccess file?

[DerVerruckteFuchs]

I'm also having this issue. I'm using MySQL. However I do have an authKey unlike @flo71. Trying "https://mydomain/" gives me the "API did not send back a header with the version information" message, but trying "https://mydomain/shoppinglist_backend" gives me an "Authentication Failed." message. My apache webserver uses Let's Encrypt for SSL and I have enabled SSL in the Android app settings. "https://mydomain/shoppinglist_backend" is where I have the ShoppingList_Backend saved. During installation the config file wasn't automatically generated, so I manually copied the config settings to the config file like the installer instructed to. I deleted everything in the config file before copying the recommended settings. I've made sure that I copy/pasted the authKey correctly to the auth token field in the Android app.

[DerVerruckteFuchs]

I left the authentication token field empty on the Android app and it seems to work. I'm going to play with it more to see how to actually enable authentication.

[DerVerruckteFuchs]

So I've tested by deleting the 'ShoppingListUser' user and 'shopping' database and going through the installation process a couple more times. From what I've discovered, it seems that the $authKey manually inputted during installation is the one you end up using, blank or not. The $authKey generated and written to the config.php file has no bearing on anything it seems. Using the one in the config file gives me an authentication error, while the one I manually inputted during installation is the one that works, blank or not.

For reference I installed the backend by git cloning it to my /var/www/html dir.

[jklmnn]

@DerVerruckteFuchs the one written to the config file shouldn't be in clear text and therefor not work. It should be a bcrypt2 hash.

[ghost]

@DerVerruckteFuchs do you take a look into your Apache/Nginx error file? Maybe you get an error thrown out.

[DerVerruckteFuchs]

@jklmnn I used a previously generated bcrypt2 hash from an earlier generated config for my current setup. None of it's been in plain text as far as I can tell.

[DerVerruckteFuchs]

@beli3ver it looks like the reason the config file wasn't written is because of a permissions issue.

PHP Warning:  file_put_contents(.htaccess): failed to open stream: Permission denied in /var/www/html/ShoppingList_Backend/INSTALL.php on line 51, referer: https://mydomain/shoppinglist_backend/INSTALL.php

I get pretty much the same warning again, except it refers to line 113 instead of 51.

I'm also getting a warning for 'root'@'localhost' having access denied, but it looks like it is using "YES" and "NO" as a password instead of an actual password.

Another warning I'm getting is:

PHP Warning:  mysqli::mysqli(): Headers and client library minor version mismatch. Headers:50549 Library:50630 in /var/www/html/ShoppingList_Backend/INSTALL.php on line 144

I've had a other things previously setup on my Apache server, so I assume that may have something to do with it, at least with permissions and users.

[MM2forever]

In case anyone still cares why that pesky

Warning: Cannot modify header information - headers already sent by [...]

comes... I figured it out by simply googling that and finding:

https://stackoverflow.com/questions/8028957/how-to-fix-headers-already-sent-error-in-php

Pay attention to the part in the approved answer where it says:

(Reasons for headers not being sent:)

Whitespace before <?php for "script.php line 1" warnings

so I checked the api.php and lo and behold, there was a space preceeding the <?php at the very beginning... deleted it and well - I can connect.