Cannot determine what is the required minimal authentication

You must send cookie in headers to do a CRUD action.
After submiting user and pass to http://example.com/restws/session/token you must get cookie from returned data headers.

I wrote a simple login function in python, hope it works for you.

def login(u,p):
    url = 'http://<drupal-with-restws>/restws/session/token'
    r = urllib2.Request(url,'',{'Authorization':'Basic '+base64.b64encode(u+':'+p)})
    f = urllib2.urlopen(r)
    cookie = f.headers.dict['set-cookie']
    csrf = f.read()
    return csrf,cookie

and another function to request a node :

def requestNode(nid,session,cookie):
    url = 'http://<drupal-with-restws>/node/' + nid + '.json'
    r = urllib2.Request(url,'',{'Content-Type':'text/plain','X-CSRF-TOKEN':session,'Cookie':cookie})
    r.get_method = lambda: 'GET'
    f = urllib2.urlopen(r)
    js = json.loads(f.read())
    f.close()
    return js

Hope it helps you.
sorry for my poor english

Here is a (procedural) way of grabbing the data using PHP:

<?php

// Login to the site
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, 'http://<drupal-with-restws>/restws/session/token');
curl_setopt($curl, CURLOPT_USERPWD, "restws_user:password");
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_HEADER, 1);

// Parse the header to get the token and cookie
$result = curl_exec($curl);
$token = substr($result, (strlen($result) - 43));
preg_match('/^Set-Cookie:\s*([^;]*)/mi', $result, $m);
$cookie = $m[1];

// Pull all nodes in json format
curl_setopt($curl, CURLOPT_URL, 'http://<drupal-with-restws>/node.json?type=article');
$headers[] = 'Content-type: application/json';
$headers[] = "X-CSRF-Token: $token";
$headers[] = "Cookie: $cookie";
curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
curl_setopt($curl, CURLOPT_HEADER, 0);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
$json = curl_exec($curl);

print($json);

Lots of good advice in this issue so far.

Nobody else has mentioned this so far, but I think that the username restwstest will not match the regular expression pattern: '/^webrstest.*/' which would prevent the user from being logged in.

Marking this fixed as there has been no followup from the original poster and there is some good advice on how to work with the module.

Hmm,

I've been struggling with trying to get the code from #3 to with the 7.x-2.0-alpha5 version of the module with no luck. Problem is when printing out the $result from just above the $token definition in the code, I get "HTTP/1.0 401 Unauthorized" etc. What I have done so far:

- enabled the restws and the basic auth module, didn't setup anything in settings.php
- created a user "aalamaki" and gave the necessary administrator role to access the restws
- trying to run the code on localhost from the command line on linux, the Drupal is running on the same server

Been trying this on two different servers now with no luck, could someone try to point me in the correct direction, is there something else required? Any help would be greatly appreciated... :)

Here is a working php curl login
http://stackoverflow.com/questions/2140419/how-do-i-make-a-request-using...

Worked for me for Rest WS

$process = curl_init("http://mysite.com/services/session/token");
curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/xml', $additionalHeaders));
curl_setopt($process, CURLOPT_HEADER, 1);
curl_setopt($process, CURLOPT_USERPWD, "restwsusername:pass");
curl_setopt($process, CURLOPT_TIMEOUT, 30);
curl_setopt($process, CURLOPT_POST, 1);
curl_setopt($process, CURLOPT_RETURNTRANSFER, TRUE);
$return = curl_exec($process);
curl_close($process);
print_r($return);

PS :

LOST MORE INFO HERE
https://drupal.org/documentation/modules/rest

Hi all

I've just spent a few hours trying to work out how authentication works in RESTWS. The comments above are each only part of the story. Here's how I think it works. Correct me if I'm wrong.

Basically, you have two choices:

1. You can make REST calls (from within a browser with jQuery, for example) so long as you are logged in; that is, you have a valid session cookie. To prevent CSRF attacks, you will first need to go through the process in #1 above to get a token for a X-CSRF-Token header. You include this header in future requests, and your browser will provide the session cookie. (In case you're wondering, you need to provide the Authorization header to prove you're entitled to get the token.)

2. You use a Basic Authorization header on all REST calls. You don't need a session cookie. The format for the Authorization header is as specified in #1 above; ie

Authorization: Basic qsdjhqsdjqsnbdsjqdbqs=

The parameter is a base-64 encoding of the string "username:password".

BUT ... to use this option, you need to

a. Enable the "Basic authentication login" module (it's in the "Others" category)

b. Use a user account that starts with the required prefix; the default is "restws", as shown in #7 above. See the discussion in #1946108: Document the motivation for restws_basic_auth_user_regex for the motivation for this feature. Make sure you assign the appropriate permissions to your restws user account. (I put mine into an admin role I already had on my site. You might want to be more selective.)

Thanks to klausi for his help in figuring this out, and for the project. I think it's a very interesting addition to Drupal.

I tried all the examples here with no success (possibly my bad) but was able to piece together a working example from #8 and prior posts. Below are the assumptions and some simple sample code:

• basic authentication module is on
• username begins with restws (or you change the regex described above)
• user has permission to the resources in question (restws creates api permissions)

$site = 'https://somewhere.edu';
$user = 'restws.whatever';
$pass = 'your-password';

$ws = new DrupalRestWs($site, $user, $pass);
print_r($ws->get('node', 'json'));

class DrupalRestWS {

  public function __construct($base, $user, $pass) {
    $this->base = $base;
    $this->user = $user;
    $this->pass = $pass;
  }

  function get($resource, $format) {
    $ch = curl_init($this->base . '/' . $resource . '.' . $format);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-type: application/json'));
    curl_setopt($ch, CURLOPT_HEADER, 1);
    curl_setopt($ch, CURLOPT_USERPWD, base64_encode($this->user . ':' . $this->pass));
    curl_setopt($ch, CURLOPT_TIMEOUT, 30);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
    $response = curl_exec($ch);
    $header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
    $header = substr($response, 0, $header_size);
    $json = substr($response, $header_size);
    return json_decode($json);
  }
}

As an aside, there's a few projects on github that may also be helpful if you search for restws and drupal.

Hi,
I have created one page content entity =node/1 and able to get response in html format while hitting the url : GET http://localhost/mysite/node/1
but its showing "page not found" in browser and "404 not found" status in rest client when I use request http://localhost/mysite/node/1.json.

How can I get the content in json format representation when I use the request like GET http://localhost/mysite/node/1 bcz this request returning response in html format with whole page layout structure.But I want only content in json format.

yours help is greatly appreciate.

Thanks
Akki