Share My Creation User Login + MySQL PHP API

aeric

Well-Known Member
Licensed User
Good job. I am very interesting in your web API management platform(like Swagger),what is it?
No, I don't use any tool or framework. The JSON is echo out from PHP json_encode() function.
 

oparra

Active Member
Licensed User
Good job. I am very interesting in your web API management platform(like Swagger),what is it?
It's excellent,

This API CLOUD flow and control platform.


For the processing of data distributed on different servers.

The bad thing is that you do not have control of the web API server (in case of availability and contingencies).
 

oparra

Active Member
Licensed User
I have reviewed the BANnano Framework and use it as a guide.

As an example this:

 

aeric

Well-Known Member
Licensed User
Thank you sir. How can i fully implement this without a domain? i.e using apache
You can run locally using software like xampp or usbwebserver. I prefer Laragon Full with Apache.

Inside config.php, comment out the setting for PRODUCTION section and uncomment the settings for DEVELOPMENT section:
PHP:
// Define URL

// DEVELOPMENT (local server)
define("ROOT_PATH", "/api/");
define("ROOT_URL", "http://127.0.0.1:8000/api");
// define("ROOT_URL", "http://192.168.0.6:8000/api");

// PRODUCTION - using subdomain
// define("ROOT_PATH", "");
// define("ROOT_URL", "http://api.computerise.my/");

define("DEVELOPMENT", "TRUE");
 
Last edited:

luqmanhaidar

Member
Licensed User
What do you mean auto login? You mean keep the login session time extend longer?
yes, and when the application is closed and when it is restarted it is still logged in , I try AHPreferenceActivity lib but if password change in mysql still save session with previous password change password has no effect
 

aeric

Well-Known Member
Licensed User
You can save some values using text files, keyvaluestore or sqlite database. How you implement the security is up to you.
 

aeric

Well-Known Member
Licensed User
B4J implementation (JRDC2 server) is working in progress.
The B4J API server is done now. Maybe it is not so stable but It is quite stable now. All APIs are working like in PHP server. You can use Postman to test the API too.

You can download App.zip in post #2 and what you only need to do is change the strURL in Process_Globals in Starter service and it works!
B4X:
'Dim strURL As String= "https://api.computerise.my/"        ' Remote / Production (Sharehosting/PHP)
Dim strURL As String = "http://45.15.25.31:17178/"            ' Remote / Production (VPS/B4J)
For the time being, I am not going to share the source for B4J unless with some donation. ;)
 
Last edited:

aeric

Well-Known Member
Licensed User
  1. Create a mysql event
    1. set that to run at every 5 minute
    2. delete all tokens older than 1day or whatever timespan you want.
  2. On every request check if the token is exist or not. If not exist inform the app to show the login screen again.
Is this okay?
SQL:
CREATE EVENT clear_user_api_key_every_hour
ON SCHEDULE EVERY 1 HOUR
STARTS CURRENT_TIMESTAMP
ENDS CURRENT_TIMESTAMP + INTERVAL 12 MONTH
ON COMPLETION PRESERVE
DO
   UPDATE tbl_users SET user_api_key = NULL
   WHERE user_last_login_at < NOW() - INTERVAL 1 HOUR;
To enable the event:
SQL:
SET GLOBAL event_scheduler = ON;
 
Last edited:

aeric

Well-Known Member
Licensed User
what happens if the API key is deleted and the user still works with the API?
I think need to force him to relogin.
Edit: Better to create a Token field and delete it every interval. APIKey should not be deleted.

SQL:
CREATE EVENT clear_user_token_every_hour
ON SCHEDULE EVERY 1 HOUR
STARTS CURRENT_TIMESTAMP
ENDS CURRENT_TIMESTAMP + INTERVAL 12 MONTH
ON COMPLETION PRESERVE
DO
   UPDATE tbl_users SET user_token = NULL
   WHERE user_last_login_at < NOW() - INTERVAL 1 HOUR;
 
Last edited:

Biswajit

Active Member
Licensed User
I think need to force him to relogin.
Edit: Better to create a Token field and delete it every interval. APIKey should not be deleted.

SQL:
CREATE EVENT clear_user_token_every_hour
ON SCHEDULE EVERY 1 HOUR
STARTS CURRENT_TIMESTAMP
ENDS CURRENT_TIMESTAMP + INTERVAL 12 MONTH
ON COMPLETION PRESERVE
DO
   UPDATE tbl_users SET user_token = NULL
   WHERE user_last_login_at < NOW() - INTERVAL 1 HOUR;
You don't have to specify the start and end time. Just the Event name, Schedule interval and the job that has to be done,
SQL:
CREATE EVENT clear_user_token_every_hour
ON SCHEDULE EVERY 1 HOUR
DO
   UPDATE tbl_users SET user_token = NULL
   WHERE user_last_login_at < NOW() - INTERVAL 1 HOUR;
SET GLOBAL event_scheduler = ON;
Check the event_scheduler status:
SHOW PROCESSLIST;
If you see something like this then its already running.
1593587821699.png

If not then run your global scheduler query.
 
Last edited:
Top