0

I have Drupal 7 and Services 3.x (3.10). In the /admin/structure/services page, i have create an endpoint and my custom module:

function webServices_services_resources() {
$api = array(
'customers' => array(
    'retrieve' => array(
     'help' => 'Retrieves posted blogs',
     'callback' => '_webServices_retrieve',
     'access arguments' => array('access content'),
     'access arguments append' => FALSE,
     'args' => array(
         array(
           'name' => 'id',
           'type' => 'int',
           'description' => 'The id of the note to get',
           'source' => array('path' => '0'),
           'optional' => FALSE,
         ),
       ),
      ),
    ),
  );
return $api;
}

Now i make a POST request to my base_url/endpoint/user/login.json (passing username and password) and i get the session_name and session_id.

if i call (for example) base_url/endpoint/customers/1.json with the following header:

User-Agent: Fiddler
Content-Type: application/json
Host: liburna3.alpha-si.org
Cookie: SESS738851ba4e98ab1f17a7252513dc0719=hy5xVjlDzjIbXz-nlwEV4GywbAPAPL0d_aFGhtIRWzw

i get error 403: Access denied for user xxxxxxxxx

What is the problem?

Tom
  • 4,007
  • 24
  • 69
  • 105
  • You're missing a csrf token - https://groups.drupal.org/node/358308 – Clive Oct 14 '14 at 14:44
  • I have tried to put also, in the header, X-CSRF-Token: : 0YHNSF62OVt9yttpgMFvbrvSEdTzGvNIqdZ53OY (received in the login response) but i get the same results...no authenticated – Tom Oct 14 '14 at 15:01
  • If that's the token that Drupal gives you back for that login session, it should work. Always does for me. If you're doing it exactly as the docs describe, and it doesn't work, open a bug report on the module...it's more likely your code is wrong though – Clive Oct 14 '14 at 15:03
  • in my custom module is correct how i have used 'access arguments' ? I have no written the 'access callback' – Tom Oct 14 '14 at 15:28

1 Answers1

1

I would check my authentication state calling base_url/endpoint/system/connect.

If you are not logged in (or you header is not right) it returns:

"sessid": "PfG79I6elMMYln8nyftReLOY0d5So7O0C3LRIdbOeMo",
  "session_name": "SESS74282c529439441e18b575b0e6fe308f",
  "user": {
    "uid": 0,
    "hostname": "2a02:8388:1580:2500:7b:3322:23a4:c902",
    "roles": {
      "1": "anonymous user"
    },
    "cache": 0,
    "timestamp": 1460891635
  }
}

If you are logged in it returns the full userdatat in user property of result.

I setup a testing site for nearly all drupal services calls .>You can enter basepath and endpoint and test you backend. Find it here => http://www.drupalionic.org/explore/

Enter you data and then go to Resources -> Services 3.x -> System and click the Connect tab.

You can also find a fully featured angular lib for drupal services here => https://github.com/BioPhoton/ng-drupal-7-services

BioPhoton
  • 111
  • 7