我正在尝试在我的网站上集成REST服务。我正在使用这个 https://github.com/chriskacerguis/codeigniter-restserver 的例子。到目前为止,我能够成功调用所需的数据。但是,当我想为其添加授权并尝试从邮递员访问它时,出现此错误:
{
"status": false,
"error": "Unauthorized"
}
如果我删除身份验证,它会再次工作。有谁知道这是一个错误还是我错过了什么?这是我的配置:
-------------------------------------------------------------------------
| REST Login
|--------------------------------------------------------------------------
|
| Set to specify the REST API requires to be logged in
|
| FALSE No login required
| 'basic' Unsecured login
| 'digest' More secured login
| 'session' Check for a PHP session variable. See 'auth_source' to set the
| authorization key
|
*/
$config['rest_auth'] = 'basic';
|--------------------------------------------------------------------------
| REST Login Usernames
|--------------------------------------------------------------------------
|
| Array of usernames and passwords for login, if ldap is configured this is ignored
|
*/
$config['rest_valid_logins'] = ['admin' => '1234'];
我也无法通过网址访问它。即使我输入了凭据,身份验证弹出窗口也会继续出现。请帮助
我为此苦苦挣扎,我设法通过将以下内容附加到我的 .htaccess(在索引.php位之后(来让它工作:
RewriteCond %{HTTP:Authorization} ^(.+)$
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
在您的情况下,我怀疑标头没有成功,这将确保它们成功。
它正在检查 PHP 服务器变量中的用户名和密码
$username = $this->input->server('PHP_AUTH_USER'); and
$password = $this->input->server('PHP_AUTH_PW');
application/libraries/REST_Controller.php行:1971
protected function _prepare_basic_auth()
{
// If whitelist is enabled it has the first chance to kick them out
if ($this->config->item('rest_ip_whitelist_enabled'))
{
$this->_check_whitelist_auth();
}
// Returns NULL if the SERVER variables PHP_AUTH_USER and HTTP_AUTHENTICATION don't exist
$username = $this->input->server('PHP_AUTH_USER');
$http_auth = $this->input->server('HTTP_AUTHENTICATION');
$password = NULL;
if ($username !== NULL)
{
$password = $this->input->server('PHP_AUTH_PW');
}
elseif ($http_auth !== NULL)
{
// If the authentication header is set as basic, then extract the username and password from
// HTTP_AUTHORIZATION e.g. my_username:my_password. This is passed in the .htaccess file
if (strpos(strtolower($http_auth), 'basic') === 0)
{
// Search online for HTTP_AUTHORIZATION workaround to explain what this is doing
list($username, $password) = explode(':', base64_decode(substr($this->input->server('HTTP_AUTHORIZATION'), 6)));
}
}
// Check if the user is logged into the system
if ($this->_check_login($username, $password) === FALSE)
{
$this->_force_login();
}
}
您可以按照 API 配置中的配置配置PHP_AUTH_USER和PHP_AUTH_PW Server变量进行身份验证并解决此错误,也可以使用 API 密钥作为备用身份验证方法。
我设法找出问题所在!事实证明,我的服务器 api 是 fastcgi,因此解决方案是更改REST_Controller文件。我发现这个链接适用于快速 cgi 用户
https://forum.codeigniter.com/thread-36015.html
希望这对某人有所帮助!