We have changed our pricing. Flexmonster Software License Agreement was also updated (list of changes)
Get Free Trial
Get Free Trial

custom api auth

posted on August 18th, 2022

Re-Open
Michał asked on August 18, 2022

Hi, I have a problem with reading the athtoken sent from the {version: API_VERSION, authtoken: token} server (I sent the answer from / handshake) and I cannot read it on the client side (flexmonster) and send it with the next client request

7 answers

Public
Maksym Diachenko Maksym Diachenko Flexmonster August 18, 2022

Hello, Michał!

Thank you for raising a ticket.

Kindly note that the handshake was not created for authorization. This request's purpose is to check whether the server and the client implement the same version of the custom data source API. That's why the version parameter is the only one expected to be returned in handshake's response. 

We suggest getting authtoken on the client with a separate request. Later, you can insert this token into the body or header of each request sent by Flexmonster with the customizeAPIRequest() API call

Feel free to contact us if more questions arise.

Best Regards,
Maksym

Public
Michał August 19, 2022

I could ask you to show it on an example
how to make an extra request from flexmonster front

Public
Nadia Khodakivska Nadia Khodakivska Flexmonster August 19, 2022

Hello,

Thank you for the response.

Our team is currently working on your question. We will get back to you soon.

Kind regards,
Nadia

Public
Maksym Diachenko Maksym Diachenko Flexmonster August 23, 2022

Hello, Michał,

Hope you are doing well.

We recommend implementing this logic in a way similar to the example below: 
https://jsfiddle.net/flexmonster/703pmv1h/

Please see the general idea for the described approach:

  1. Create a separate service on your server that will return the authtoken
  2. Insert the request to the previously implemented service before initializing the Flexmonster component, and retrieve the authtoken from the response.
  3. Initialize the component with the customizeAPIRequest parameter inside the Flexmonster constructor. Within this function, insert the authtoken into the requestHeaders object. 
    customizeAPIRequest: (req) => {
      req.requestHeaders = {
        AuthToken: authtoken,
      };
      return req;
    }
  4. If necessary, you can use the unauthorizederror event to handle the cases when the currently loaded token is expired. The callbackHandler function is passed into the unauthorizederror event handler, allowing you to resend the request with updated request headers. Please note that your server must return the 401 Unauthorized error for triggering this event.

Feel free to contact us if further assistance is needed.

Best Regards,
Maksym

Public
Michał August 23, 2022

after using the example, the client does not see the token sent back by the server

Public
Maksym Diachenko Maksym Diachenko Flexmonster August 25, 2022

Hello, Michał,

Thank you for your feedback.

Kindly note that this example was created to illustrate the general idea of how to get the authtoken before Flexmonster is loaded and send it to a custom API server. Speaking of retrieving the token, we suggest adjusting this part of the code based on how you implemented the request itself in your project.

You are welcome to write us if more questions arise.

Best Regards,
Maksym

Public
Maksym Diachenko Maksym Diachenko Flexmonster September 1, 2022

Hello, Michał,
Hope you are doing well.
Our team is wondering if you successfully implemented the authorization for custom API.
We are looking forward to hearing your feedback.
Best Regards,
Maksym

Please login or Register to Submit Answer