In nodebb privileges section we can add the group for a particular category
so, Is there any api to get those category list which is having a particular group.
Hello,
I have the same issue. In the beginning the API calls works great. but after rebooting nodeBB API become inaccessible:
curl -i http://127.0.0.1:4567/api/groups
HTTP/1.1 401 Unauthorized
X-Powered-By: NodeBB
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Content-Length: 16
ETag: W/"10-vtDQr4TNdqPmUlGMXxiHnw"
set-cookie: express.sid=s%3At24DNKdbFbQj-4EZ9sr7xaKObOuhgqP9.yb6jCZG%2BSYPIW7AOsEfSiu6rs4ZwES4k5cEG5tm6QIs; Path=/; Expires=Thu, 31 Mar 2016 18:45:00 GMT; HttpOnly
Vary: Accept-Encoding
Date: Thu, 17 Mar 2016 18:45:00 GMT
Connection: keep-alive
"not-authorized"
any idea
Thanks.
So, how can we authorize/authenticate for the Read API? The Write API plugin allows us to generate bearer tokens or JWT, but these don't seem to work with the Read API. Can you give us a simple example?
Hi @julian
thanks for your quick answer as always!
I got it working using the Bearer token of the Write API, but experience some irreliable behavior using this method. I found that I need to create a topic first (POST /api/v1/topics
) that results in a 400 Bad Request
before I can access any private content or modify content according to my Authorization: Bearer TOKEN
header. If I don't follow this step I always receive a not-authorized
/logged_in: false
. Shouldn't I be able to access private content directly when providing the correct Authorization header in my GET /api/users
(example) request?
I did some more testing and found that the above solution does only work when sharing cookies. The Read API doesn't seem to authenticate itself against bearer tokens, but just uses the cookie.
Here is some non-sharing cookie example utilizing https://github.com/aacerox/node-rest-client:
var Client = require('node-rest-client').Client;
var client = new Client();
var args = {
headers: { "Authorization": "Bearer faf63e0a-23a5-4c80-b281-412108cefd21" }
};
client.get("https://myforum.com/api/v1/users/1/tokens", args, function(data, response) {
console.log(data);
// { code: 'ok', payload: { tokens: [ 'faf63e0a-23a5-4c80-b281-412108cefd21' ] } }
});
client.get("https://myforum.com/api/users", args, function(data, response) {
console.log(data);
// not-authorized
});
I don't understand your last sentence about the token
query string. As far as I understood this is required for JWT, which is an alternative to bearer tokens, right?
@julian This does work with the Write API, see my previous code example. But it doesn't work with the Read API. Should I open a GitHub issue? Which is the best repository for reporting issues to the Read API?