search

Lyro1 / EpiCenter

An Android application which regroups all the main features needed by EPITA's student
MIT License
0 stars 0 forks source link

[Calendar] Authentication for Chronos API #1

Open Lyro1 opened 5 years ago

Lyro1 commented 5 years ago

As mentionned in chronos-ics#1 , Chronos now requires an authentication token, otherwise every requests return a 403 status.

Even though I have a token, it would be way better to know if it is possible to generate it.

Follow-up with 6A/chronoscopie.

Lyro1 commented 5 years ago

In Javascript, the following query also fails:

url="http://v2.webservices.chronos.epita.net/api/v2/Group/GetGroups/";
var xmlHttp = new XMLHttpRequest();
xmlHttp.open( "POST", url, true );
xmlHttp.setRequestHeader("Auth-Token", "0bffc5524976f8e833a6df954ca01b06");
xmlHttp.send( null );
return xmlHttp.responseText

with the following error:

Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access.
Lyro1 commented 5 years ago

In Javascript, the following query also fails:

url="http://v2.webservices.chronos.epita.net/api/v2/Group/GetGroups/";
var xmlHttp = new XMLHttpRequest();
xmlHttp.open( "POST", url, true );
xmlHttp.setRequestHeader("Auth-Token", "0bffc5524976f8e833a6df954ca01b06");
xmlHttp.send( null );
return xmlHttp.responseText

with the following error:

Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access.

After researches, it seems that this is a web browser default settings convention.