not authorized issue #323

Open
aquafun20 opened this issue Sep 25, 2019 · 5 comments

@aquafun20

aquafun20 commented Sep 25, 2019

I'm trying to use Craft as a headless CMS system but I fail.
I use 2 different domains.
At the moment, I have myurl.test where my craft installation is placed.
My second domain is http://localhost:8080/ where I created a vue project and want to get my data from craft.

I set up my CraftQL.php on myurl.test
```php
<?php
return [
    'allowedOrigins' => [
        '*'
    ]
];
```

If I try on http://localhost:8080/:
```js
const url = 'http://myurl.test/admin/actions/craftql/api';
const test = await axios.post(
  url,
  {
    headers: {
      'X-Requested-With': 'XMLHttpRequest',
      'Content-type': 'application/json'
    },
    query: '{helloWorld}'
  });
console.log(test)
```

The response is
{"errors":[{"message":"Not authorized"}]}

Of course I tried it with an authorized header and different queries too but that is the simplest one.

My second try was:

```js
const url = 'http://aquafun.test/admin/actions/craftql/api';
const token = 'abcde';
const query = '{helloWorld}';

const axiosCraftQL = axios.create({
    baseURL: url,
    headers: {
        'Authorization': `bearer ${token}`,
        'Content-type': 'application/json'
    }
});

axiosCraftQL
    .get('', { query: query });
```

The response is:
{"errors":[{"message":"Syntax Error: Unexpected <EOF>","category":"graphql","locations":[{"line":1,"column":1}]}]}

If I try the create method without a token I get the same response as in my first try.
I tried uppercase bearer already.

@narration-sd
Contributor

Your second try looks by inspection almost right -- you're getting a return that seems to indicate your header auth is correct, and that your allowedOrigins is working.

The response is talking about the query: GraphQL can't parse what it receives. In fact it's receiving basically nothing.

It's late, so just looked at a cheat sheet for axios, which could suggest that your second argument to the get isn't well-formed. It seems that to actually get your query used as a param, the call should be more like:

    .get('', { params: { query: query }})

Or, with axios, of course there are alternatives.
These things work better if you take your time to be relaxed, my experience anyway, and good fortune, as I think you'll soon find it's working...

@aquafun20
Author

> Your second try looks by inspection almost right -- you're getting a return that seems to indicate your header auth is correct, and that your allowedOrigins is working.
>
> The response is talking about the query: GraphQL can't parse what it receives. In fact it's receiving basically nothing.
>
> It's late, so just looked at a cheat sheet for axios, which could suggest that your second argument to the get isn't well-formed. It seems that to actually get your query used as a param, the call should be more like:
>
>     .get('', { params: { query: query }})
>
> Or, with axios, of course there are alternatives.
> These things work better if you take your time to be relaxed, my experience anyway, and good fortune, as I think you'll soon find it's working...

Yes, this is working, thank you! But why isn't my first try working? This was how I could get the data from the integrated GraphQL, but not with CraftQL.

@narration-sd
Contributor

Well, the first one isn't going to work until you provide the appropriate Authorization header, is it. That's also what its reply is telling you.

Again, these things only operate as expected if you patiently provide the necessary permissions they expect. That includes not only the token, which 'not authorized' warns on, but that the token has permissions for the entities you want to query, as that will be the next step.

Might also suggest that when you post code, you can use the single or triple back-ticks (or the <> button) to format it cleanly as you have written it.
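
Added example, not part of the thread and not axios or CraftQL code: a simplified model of how axios maps the arguments of `get(url, config)` and `post(url, data, config)` onto the request, showing why the first try ends in "Not authorized" and the second in "Unexpected <EOF>". `wireRequest` and `endpointReply` are hypothetical helpers, the token is the placeholder from the post, and reading the query from a JSON POST body is an assumption about the endpoint.

```javascript
// Simplified model (an assumption, not axios source) of how axios maps call
// arguments onto the request: axios.get(url, config), axios.post(url, data, config).
function wireRequest(method, url, data, config = {}) {
  const target = new URL(url);
  // Only config.params becomes the query string; unknown config keys are dropped.
  for (const [key, value] of Object.entries(config.params || {})) {
    target.searchParams.set(key, value);
  }
  const headers = {};
  for (const [name, value] of Object.entries(config.headers || {})) {
    headers[name.toLowerCase()] = value;
  }
  const body = data === undefined ? null : JSON.stringify(data);
  return { method, url: target.toString(), headers, body };
}
const get = (url, config) => wireRequest('GET', url, undefined, config);
const post = (url, data, config) => wireRequest('POST', url, data, config);

// Hypothetical stand-in for the endpoint, reproducing the replies quoted in the thread.
function endpointReply(req) {
  if (!/^bearer \S+/i.test(req.headers.authorization || '')) return 'Not authorized';
  const fromUrl = new URL(req.url).searchParams.get('query');
  const fromBody = req.body ? JSON.parse(req.body).query : undefined;
  return (fromUrl || fromBody) ? 'ok' : 'Syntax Error: Unexpected <EOF>';
}

const url = 'http://myurl.test/admin/actions/craftql/api';
const query = '{helloWorld}';
// Placeholder token taken from the post, not a real credential.
const auth = { Authorization: 'bearer abcde', 'Content-type': 'application/json' };

// First try: headers passed inside `data`, so they are serialized into the body.
const firstTry = post(url, { headers: { 'X-Requested-With': 'XMLHttpRequest' }, query });
// Second try: `query` is not a config key that gets sent, so the server sees no query.
const secondTry = get(url, { headers: auth, query });
// Fix suggested in the thread: put the query under `params`.
const fixedGet = get(url, { headers: auth, params: { query } });
// POST form: query in `data` (2nd argument), headers in `config` (3rd argument).
const fixedPost = post(url, { query }, { headers: auth });

for (const [name, req] of Object.entries({ firstTry, secondTry, fixedGet, fixedPost })) {
  console.log(name, '->', endpointReply(req));
}
```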

@narration-sd
Contributor

narration-sd commented Sep 26, 2019

n.b. @aquafun - Antonio, I've deleted what was the last comment -- it was probably mis-direction on my part, just an insight that might apply elsewhere.

I hope you got all forms of the access working with matched credentials, and are on your way with cheer now.

The other matters I've taken up directly with Craft via @andris-sevcenko etc., and would just mention here for others learning from your issue that Craft's internal Gql is often a bit different, beginning with the I'm-alive query being `{ ping }` instead of `{ helloWorld }`.

As well it has a 'Public Schema' which can let you connect for this without necessarily providing authentication, but by proper default also won't let you do any other queries -- that's where private Schemas and tokens for them come in.

For this and quite a few differences in elements of queries, it's surely important then to read the documentation with care if coming from CraftQL experience.

This is what I was getting at with the deleted last reply, but realized also later that these points probably didn't have anything to do with your experience this time -- cheers.

Clive

@daltonrooney

I just struggled with a similar issue. It took me a while to realize that it only happened when I was not logged in, and it only happened on my staging server, but not my local server.

It turns out my authorization header was not being passed to PHP. I tweaked my .htaccess file, as in this example, and that seems to have fixed the problem. Hope that helps if anyone else is having a similar issue.
