Skip to Content Skip to Menu

🌟Discover the Joomla AI Plugin that wrote its own story! - CB Editor Assistant 1.1now for Joomla 3, 4 & 5!
✍️ 5-Day Free Trial, then 🎯 save up to 30% with our 🛍️ Intro Offer (First 50 users, ends Dec. 25th)
🌲 Merry Christmas! Great savings on Professional and Developer Memberships! Get 25% off now with code XMAS-2024!

CB API token versus Joomla API Token

  • activha
  • activha
  • OFFLINE
  • Posts: 2336
  • Thanks: 117
  • Karma: 13
3 months 1 week ago - 3 months 1 week ago #339118 by activha
CB API token versus Joomla API Token was created by activha
Hello

Last year and beginning of this year I developed a lot of features using a token made with an autoaction and stored in a CB Field with this kind of code:
Code:
global $_CB_framework; // Chiffrement et encodage $plaintext = (string) \CBLib\Application\Application::MyUser()->getUserId(); $key = $_CB_framework->getCfg('secret') . 'secret_code'; $iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length('AES-256-CBC')); $ciphertext = openssl_encrypt($plaintext, 'AES-256-CBC', $key, 0, $iv); $encrypted_data = bin2hex($iv . $ciphertext); $user->set('cb_token_api', $encrypted_data); $user->store();

Then we use this code in several autoactions to identify the user.

I would like your feedback about whether to continue using this field and this code, or switch to Joomla token API and use the native joomla token.

Could we get the same results with it ? it is worth switching or sticking to CB autoaction for this ? if yes how can I get the userid in an autoaction with the joomla API token ?

Thanks for your feedback
Last edit: 3 months 1 week ago by activha.

Please Log in or Create an account to join the conversation.

  • krileon
  • krileon
  • ONLINE
  • Posts: 48616
  • Thanks: 8302
  • Karma: 1446
3 months 1 week ago #339119 by krileon
Replied by krileon on topic CB API token versus Joomla API Token
Entirely up to you as either should work fine. You'd have to utilize Joomla APIs to verify the token, which I can't advise you on. As for converting it to a user_id they're stored in _user_profiles with the users id so should be easy enough to query for that.


Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.

Please Log in or Create an account to join the conversation.

  • activha
  • activha
  • OFFLINE
  • Posts: 2336
  • Thanks: 117
  • Karma: 13
3 months 1 week ago #339120 by activha
Replied by activha on topic CB API token versus Joomla API Token

...which I can't advise you on...

Mind to elaborate on that ?
Is it risky or not easy to deal with ?

Please Log in or Create an account to join the conversation.

  • krileon
  • krileon
  • ONLINE
  • Posts: 48616
  • Thanks: 8302
  • Karma: 1446
3 months 1 week ago #339121 by krileon
Replied by krileon on topic CB API token versus Joomla API Token
It's because I've no idea what their API is for verifying the token. I don't know if it's documented, but I didn't find anything on the new documentation site below.

manual.joomla.org/docs/next/

I assume there's a simple static class or container class that needs to be called to verify the token as you'd want to verify it before doing anything with it, but I guess you could consider your query a form of verifying it but personally I'd run it through the verification API before even doing that query.


Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.

Please Log in or Create an account to join the conversation.

  • activha
  • activha
  • OFFLINE
  • Posts: 2336
  • Thanks: 117
  • Karma: 13
3 months 1 week ago #339122 by activha
Replied by activha on topic CB API token versus Joomla API Token
Thanks !
I'll stick with the CB autoaction and CB fields for now
(if it aint broken, don't fix it ! :-) )

Please Log in or Create an account to join the conversation.

Moderators: beatnantkrileon
Powered by Kunena Forum