Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Vanilla API and authentication

jspautschjspautsch ✭✭✭
edited December 2013 in Vanilla 2.0 - 2.8

I'm currently using the built-in Vanilla open source API (in version 2.0.18) to retrieve a list of recent discussions via /index.php?p=/discussions.json

However, I'd also like to retrieve unread counts for the user, but to do this I'd need to establish a session. I have the user's username and password, because they authenticate via basic HTTP auth using the same credentials that are used to login to our Vanilla instance.

I keep seeing posts on the community forums suggesting that this might be possible with Vanilla's built-in API; however, I can find no documentation at all as to its capabilities. For example, on the open source documentation page here on vanillaforums.org, the Vanilla API section redirects to the .com site:

http://blog.vanillaforums.com/api/

...which obviously isn't useful for me. On that page it does say "Vanilla has had a read-only ReSTful API for some time," but again, gives no documentation. That page only seems to describe the capabilities of the "Simple API" plugin, which I assume is commercial-only.

Anyone know how Vanilla's read-only REST API works, or know where I can find documentation on it? Does "read-only" imply I won't be able to authenticate users?

Best Answers

  • KasperKasper Vanilla Staff
    edited December 2013 Answer ✓

    To authenticate with the default API, you simply need to authenticate with Vanilla itself using any of the SSO solutions out there.

    As for my API application, it's very close to being of beta quality, but it currently isn't and won't be compatible with Vanilla 2.0.18.

    Kasper Kronborg Isager (kasperisager) | Freelance Developer @Vanilla | Hit me up: Google Mail or Vanilla Mail | Find me on GitHub

  • KasperKasper Vanilla Staff
    Answer ✓

    @jspauth: Why not send an AJAX call directly to the API endpoint? You don't need to route it through cURL in PHP.

    Kasper Kronborg Isager (kasperisager) | Freelance Developer @Vanilla | Hit me up: Google Mail or Vanilla Mail | Find me on GitHub

Answers

  • Don't know any answers to your questions.

    but perhaps kasper's wiki and plugin might help.

    https://github.com/kasperisager/vanilla-api/wiki

    I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.

  • jspautschjspautsch ✭✭✭
    edited December 2013

    Looked into that, and looking forward to when it's actually released, but last I heard it was in very early development and not ready for production use.

    When I tried to use it, it didn't seem to like the fact that my Vanilla instance isn't on the domain root (least that's what I assume, on the Settings page it lists my api location on the domain root instead of on the subdirectory containing the Vanilla instance, and trying to access /api on either vanilla/api/... or /index.php?p=/api/... yields a Not Found error). I also don't see much in the way of documentation there, so I'm not even sure how to access things like a discussion list.

  • peregrineperegrine MVP
    edited December 2013

    I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.

  • KasperKasper Vanilla Staff
    edited December 2013 Answer ✓

    To authenticate with the default API, you simply need to authenticate with Vanilla itself using any of the SSO solutions out there.

    As for my API application, it's very close to being of beta quality, but it currently isn't and won't be compatible with Vanilla 2.0.18.

    Kasper Kronborg Isager (kasperisager) | Freelance Developer @Vanilla | Hit me up: Google Mail or Vanilla Mail | Find me on GitHub

  • there are three api. the core OS version, the hosted version, and kasperisager's API

    what context are you wanting to do this? Client side scripting you already have a session, if said person is logged on.

    grep is your friend.

  • jspautschjspautsch ✭✭✭
    edited December 2013

    @x00 said:
    there are three api. the core OS version, the hosted version, and kasperisager's API

    what context are you wanting to do this? Client side scripting you already have a session, if said person is logged on.

    Like I said in the OP, the core OS version.

    @Kasper said:
    To authenticate with the default API, you simply need to authenticate with Vanilla itself using any of SSO solutions out there.

    Hm, not sure why I didn't think of that. I'll give it a shot.

    As for my API application, it's very close to being of beta quality, but it currently isn't and won't be compatible with Vanilla 2.0.18.

    Ah, skipping straight to 2.1?

  • Like I said in the OP, the core OS version.

    You didn't understand the question. I asked if you are using the api client side or server side.

    if you are are doing it server side, you need cookie/handling handling. Also storing the password in plain text, isn't the ideal.

    grep is your friend.

  • jspautschjspautsch ✭✭✭
    edited December 2013

    More like I missed the second half. ;)

    @x00 said:
    if you are are doing it server side, you need cookie/handling handling. Also storing the password in plain text, isn't the ideal.

    Well, it's javascript that does an AJAX call to a PHP file. The PHP file then uses CURL to call /index.php?p=/discussions.json and return the result.

  • KasperKasper Vanilla Staff
    Answer ✓

    @jspauth: Why not send an AJAX call directly to the API endpoint? You don't need to route it through cURL in PHP.

    Kasper Kronborg Isager (kasperisager) | Freelance Developer @Vanilla | Hit me up: Google Mail or Vanilla Mail | Find me on GitHub

  • @Kasper said:
    jspauth: Why not send an AJAX call directly to the API endpoint? You don't need to route it through cURL in PHP.

    Yeah... as I typed it I realized how backwards it was. As it happens I had simply adapted it from the wordpress plugin. I'll try it out. :P

Sign In or Register to comment.