0

I'm trying to figure out how to use REST and am getting stuck.

Here is the documentation i'm looking at:

Request: https://www.domain.com/shipping/packages?id=5123

/members/login/auth
Authenticates a user and sets the szsess cookie that must be passed into any subsequent API method.
Parameters
email – User's email address
pswd – User's password

What would be the PHP code I would use to authenticate the user, and then store the cookie in a variable that I can pass into the API?

Here is what I have so far:

<?php
$request =  'https://www.domain.com/shipping/packages?id=5123'; 
$session = curl_init($request); 

print_r($session);
?>

I'm super lost with all of the CURL and Rest stuff.

Improve this question

1 Answer 1

Reset to default
1

[rant] If they're authenticating using a cookie, they're not ReSTful. [/rant]

In order to deal with this API, you'll need to learn to do the following (thanks to their shoddy implementation):

  1. Use CURL
  2. Use a CURL cookie jar

The two points are easy. Just a bit of a pain in the ass. In order to make our life easier, we'll define an API wrapper in PHP to execute the calls.

<?php
class APIWrap {
    private $jarFile = false;
    function __construct($jarFile=null) {
       if ($jarFile) {
          if (file_exists($jarFile)) $this->jarFile = $jarFile;
          else {
              touch($this->jarFile);
              $this->jarFile = $jarFile;
          }
       }
       else {
           $this->jarFile = "/tmp/jar-".md5(time()*rand(1,10000000)).".cookie";
       }
    }
    /* The public methods */
    public function call_url($url) {
       return $this->_call_url($url);
    }
    public function logIn($email,$password) {
        return $this->_call_curl("https://www.domain.com/members/login/auth",array("email" => $email, "pswd" => $password));
    }
    /* Our curl channel generator */
    protected function _call_curl($url,$post=array()) {
       $ch = curl_init();
       curl_setopt($ch, CURLOPT_URL, $url);
       if (count($post)) {
           curl_setopt($ch, CURLOPT_POST, true);
           curl_setopt($ch, CURLOPT_POSTFIELDS, $post); 
       }
       curl_setopt($ch, CURLOPT_COOKIEJAR, $this->jarFile);
       curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
       curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
       curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
       return curl_exec($ch);
    }
}

Set the curlopt calls as you please - they're there for reference purpose. The important one is CURLOPT_COOKIEJAR.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

The first point is due to the nature of ReST: it is stateless. A cookie requires your navigator to have a state. An OAuth token would be a better implementation.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.