search

techjoomla / com_api

API framework for Joomla
http://docs.techjoomla.com/joomla-rest-api/com-api-introduction
GNU General Public License v3.0
123 stars 97 forks source link

missed authenticated user session #61

Open carlos-andres opened 7 years ago

carlos-andres commented 7 years ago

Good Day,,

this is a newbie question, i create on joomla specific user a.k.a (usrRequests) and add token in component on backend.

and this is the user story

-> user "test" login on joomla -> then go to a menu item and show´s K2 component item -> make a ajax request to the api, (using token from the usrRequests) --> i set in /plugins/api/categories/categories.php $this->setResourceAccess('company', '', 'post'); and in the ajax request jQuery.ajax({ url: '/index.php?option=com_api&app=categories&resource=company&format=raw&mode=2&key=XXXXXXXXXXX', dataType: 'json', method: 'POST', cache: false, data: { info: formdata, time: jQuery.now() }, success: function (data, textStatus, jqXHR) { }, beforeSend: function (xhr) { }, error: function (jqXHR, textStatus, errorThrown) { console.log('An error occured!'); } }); every things and response it´s ok.. and all works fine -> but it change the session from the user "test" to the user "usrRequests"

The question is

  1. i need one token per user to make ajax requests?
  2. is it possible to use a generic token or a single user token to make requests independent of the user who is authenticated in joomla?