com_api icon indicating copy to clipboard operation
com_api copied to clipboard
verified publisher icon techjoomla

missed authenticated user session

Open carlos-andres opened this issue 8 years ago • 0 comments

Good Day,,

this is a newbie question, i create on joomla specific user a.k.a (usrRequests) and add token in component on backend.

and this is the user story

-> user "test" login on joomla -> then go to a menu item and show´s K2 component item -> make a ajax request to the api, (using token from the usrRequests) --> i set in /plugins/api/categories/categories.php $this->setResourceAccess('company', '', 'post'); and in the ajax request jQuery.ajax({ url: '/index.php?option=com_api&app=categories&resource=company&format=raw&mode=2&key=XXXXXXXXXXX', dataType: 'json', method: 'POST', cache: false, data: { info: formdata, time: jQuery.now() }, success: function (data, textStatus, jqXHR) { }, beforeSend: function (xhr) { }, error: function (jqXHR, textStatus, errorThrown) { console.log('An error occured!'); } }); every things and response it´s ok.. and all works fine -> but it change the session from the user "test" to the user "usrRequests"

The question is

  1. i need one token per user to make ajax requests?
  2. is it possible to use a generic token or a single user token to make requests independent of the user who is authenticated in joomla?

carlos-andres avatar Sep 26 '17 16:09 carlos-andres