Mobile app development in flutter

ravee23 · March 22, 2023, 10:44am

I am trying to extend the mobile app for my cs-cart multi vendor and could register users but unable to login with api endpoint /api/users/login. Can anyone help me with actual endpoint or suggest any changes in the config files / other files to get this working. I am getting a Not Found Error on login

CS-Cart_team · March 24, 2023, 7:30am

Hello!

Take a look at the Tygh\Api\Entities\v40\SraAuthTokens and Tygh\Api\Entities\AuthTokens entities. These endpoints return a token that can be used to authorise any further API requests. Please have a look at Tygh\Api\Request::getAuthFromRequest, Tygh\Api::getUserData to see how further authorisation is handled.

The availability of the API endpoints to customers is managed by the \Tygh\Api\AEntity::privilegesCustomer method.

DETR1SE · August 2, 2023, 10:54am

Hi. We have Multi-Vendor Plus, and we would like to know how to make SRA addon token accessable.

CS-Cart_team · August 3, 2023, 1:57pm

Hi!

Make sure that the storefront_rest_api unmanaged add-on is installed and enabled. You can check its status in the ?:addons table of the database of your store.

DETR1SE · August 4, 2023, 11:11am

Addon is enabled, when sending get request, response code 401. Bearer token is correct.

CS-Cart_team · August 7, 2023, 11:07am

As I can see, you are trying to use the ‘Bearer token’ to access the endpoint. However, in SRA it works in a different way. To use tokens in SRA, you need to:

Make the POST request to the /api/auth_tokens endpoint.
Receive the generated token in the response.
Use this token in the username in the Basic authentication with the requests you make to your installation.

I hope it will help you.

DETR1SE · August 8, 2023, 1:31am

So, to receive generated token we should use admin api? Everyone tells it’s not secure practice.

CS-Cart_team · August 10, 2023, 6:52am

No, I haven’t said that.

You can authorize as a customer if you use the auth_tokens API endpoint.

CS-Cart_team · August 10, 2023, 8:36am

The email and password should be contained in the body of the POST request, not in its headers. Please take a look at the \Tygh\Api\Entities\AuthTokens::create() method in the app/Tygh/Api/Entities/AuthTokens.php file for the details.

DETR1SE · August 11, 2023, 12:15am

Are you planning to write documentation for Storefront API?

CS-Cart_team · August 11, 2023, 11:13am

No, I am afraid there are no plans for that. The SRA add-on is designed to be used with our mobile application. Since we can always change the API endpoints in the add-on to match our current state of the mobile application, we stand by our decision not to create public documentation for it.