XF 2.1 REST API use

[Eclixal]

I use the REST API.
But i want to get user auth on the xenforo app. On another web page. The cookie are share between the subdomain

Currently I have this

$client->request('GET', 'https://forum.elenox.net/api/me', [
            'headers' => [
                'XF-Api-Key' => '....',
                'XF-Api-User' => 'WITH COOKIE ? GET ACCOUNT'
            ]
        ]);

 

[Mike]

It sounds like you want the API to "validate" a given cookie or session. There isn't anything that exposes that within it. That's only generally done when a "normal" request is made into XF (like when viewing a page on the front end). This would currently need an add-on to expand.

(It's not safe or consistent to attempt to simply trust a user ID that may be listed in a cookie as you don't have the ability to validate that.)

 

[Eclixal]

And there is no other way to do what I want?

 

[Mike]

There isn't currently a way to do this with the REST API, as this sort of thing isn't exposed. You would need the PHP code to instantiate the XF framework directly and start the "public" app process and then check who \XF::visitor() is.

 

[NotArchon]

@Eclixal did you find a way to do this?