K8 Web Kit - Rest API

A REST API (Representational State Transfer Application Programming Interface) is a programming interface based on the REST architecture that allows systems to communicate over a network (such as the internet). It utilizes HTTP methods (e.g., GET, POST, PUT, DELETE) and can transmit data in various formats, such as JSON or XML, to connect clients and servers. REST APIs are stateless and allow the separation of client and server, promoting high flexibility, scalability, and component independence.

K8 Web Kit as a REST API

Requests

Method and urls:

Headers:

Body:

A body is necessary for the methods: POST and PATCH.

Supported methods:

GET
POST
PATCH
DELETE

Endpoints

The datadefIDs are the endpoints.

Authorization

The Authorization type is Basic Authorization with:

username
password

More authorization conditions:

only active users are supported
config/_init.php:
- domain_restroles: only user with the defined roles are allowed to send REST requests
3 failed login attemps in 1 hour are allowed, the failed attemps with IP are saved in the table k8fail2ban

Response

HTTP-Status: 200,201,400,... Response:

The content of the response depends on request method and API service.

Exmaples for HTTP status:

200: OK
201: creatd
400: bad request
403: forbidden
... more

Requirements

Folder: restapi

index.php has access to the database and data definitions. It checks:

credencials
request method
endpoints (datadefID)

It sends the response.

.htaccess:

The .htaccess redirects all REST API requests to the file restapi/index.php

config/_init.php

A registered user needs the roles: 2 or 105. You need your own installation of K8 Web Kit and establish your own REST API.

The HTTP playground: postman.com

postman.com offers a comfortable playground for checking out API services. You can create your own workspaces. Enter your request, test and save them.

Visit:

postman.com

Request with K8 Web Kit

PHP, request with curl:

Request

method
url
header
body

Response

http_status
response
- header
- body

The credencials are in the header. So the request is done in the backend to hide the credentials.

PHP, request with the connector object:

$result=array("bok"=>false,"error"=>"");
$payload=getfromArray($_REQUEST,"payload");
$connector=getfromArray($payload,"connector");
$method=getfromArray($payload,"curl_method",$GLOBALS['domain_connectors'][$connector]['method']);
$url=$GLOBALS['domain_connectors'][$connector]['url'];
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
switch ($method){
  case "POST":
    curl_setopt($ch, CURLOPT_POST, true); // sets method to POST
    break;
  case "GET": // default
    break;
  default:
    curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $method);
    break;
}
curl_setopt($ch, CURLOPT_HTTPHEADER, $GLOBALS['domain_connectors'][$connector]['headers']);
if(isset($payload['curl_body']) && !gbnull($payload['curl_body'])){
  mylog($payload['curl_body'],2);
  curl_setopt($ch, CURLOPT_POSTFIELDS, $payload['curl_body']);
}
$result['response']=curl_exec($ch);
if (curl_errno($ch)) {
  $result['error']=curl_error($ch);
}else{
  $result['bok']=true;
}
$result['http_status'] = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);

Connector

The connector is defined in the config/_init.php. It contains url, credentials and header. The REQUEST contains the parameter:

method
url
body

The variable result returns the request:

http_status
response
error

Testing with K8 Web Kit (under construction):

k8webrequests

Request with JavaScript

JavaScript example for REST request

async function curl(options) {
  let el_form=options.el_form;
  let url=GLOBALS_hostpath+"masterdata/ProcessMethod.php?process_action=curl";
  let curl_method=el_form.elements.namedItem('method').value
  let curl_body=el_form.elements.namedItem('body').value
  let curl_url=el_form.elements.namedItem('url').value
  let connector=el_form.elements.namedItem('connector').value
  let payload={
    connector:connector,
    curl_url:curl_url,
    curl_method:curl_method,
    curl_body:curl_body,
  }
  const request = await fetch(url, {
    method: "POST",
    headers: { "Content-Type": "application/json" },
    body: JSON.stringify({payload})
  });
  const resp = await request.json();
  let response = {};
  try{
    response=JSON.parse(resp.response);
  }
  catch(e){
    cancel=true;
    k8.message("error in columns","alert");
  }

console.log(resp);
  if(resp.bok){
    //el_form.elements.namedItem('response').value=getfromArray(resp,'response');
    let myjsonstr=JSON.stringify(response, null, "  ");
    editor.setValue(myjsonstr);
  }else{
    //el_form.elements.namedItem('response').value=getfromArray(resp,'error');
    let myjsonstr=getfromArray(response,'error');
    editor.setValue(myjsonstr);
  }
  el_form.elements.namedItem('httpstatus').value=getfromArray(resp,'http_status',0);
  options.setDirty(true);
}

Curl Method in php

The curl method needs to be executed in php, url:

masterdata/ProcessMethod.php?process_action=curl

The curl parameters are set in the variable payload:

connector
method
url
body

The response is in the object resp. Properties are:

bok
error
response
http_status