Hello! I’m working on an API extension to receive JWT tokens and then use them. The problem is that no matter how hard I try to connect to the hooks in the API class, it’s not being processed through my module. It immediately returns a 401. I tried to verify the token using the hook:
api_get_user_data_pre. Same thing. I checked it in the storefront_rest_api module; it works there. I checked the cache. And I saw that the cache saves an Array on the first save.
Please check the api_handle_request (app/Tygh/Api.php) hook and how it’s being used by the fn_storefront_rest_api_api_handle_request function of the storefront_rest_api add-on.
The fn_storefront_rest_api_api_handle_request function checks authorization. In my case, the hook isn’t showing up there either. I need to verify the JWT token before checking authorization. I’ve already created a parser and so on. I’d like to integrate it there.
As I understand it, there’s only one way to avoid breaking the cscart code. Connect to the api_get_user_data_pre hook. Get $this->user_data and, using the $_SERVER global variable, check the token for JWT, and then, at the api_get_user_data hook stage, check for validity. But I ran into a problem: these two hooks don’t work.
The answer lies in the order in which the ‘init’ functions are handled. Unmanaged add-ons are initialised first, followed by the API, and then, many steps later, common add-ons.
You can see this in the code of the init.php file.