Mobile App Use Case

Let's consider you are building a mobile app with Joomla as backend for APIs. You can use com_api, plg_api_users, and create your own API plugins as needed.

Pre-requisites

• You have installed latest com_api and its latest user plugin
• And, you have built a mobile application which interacts with your website

Steps for com_api as Rest API provider

Steps to get auth token

• 1.1 From the mobile app, when user wants to login for very first time - user will enter username and password in the mobile application login form.
• 1.2 Your mobile app will catch those credentials,
• 1.3 and make an API call as below

Example:

Method

POST

URL

{{host}}/index.php?option=com_api&app=users&resource=login&format=raw

Headers

Content-Type: application/x-www-form-urlencoded

Post Data

username: user entered value
password: user entered value

CURL example

curl --location --request POST 'http://{{host}}/index.php?app=users&resource=login&option=com_api&format=raw' \
--form '[email protected]' \
--form 'password=passwordGoesHere'

Response

If credentials are correct, you will get a response, which looks like

{
    "err_msg": "",
    "err_code": "",
    "response_id": 214,
    "api": "users.login",
    "version": "",
    "data": {
      "auth": "c8b16517a0a21c446f1ee9980944cd7e",
        "code": "200",
        "id": "653",
        "jwt": "eyJ0eXAiOiJKV1QiLCJhreebGciOiJIUzI1NiJ9.eyJpZCI6IjY1MyJ9.rere-ZAhpXYXvCHuZbqqTmtwjUvlv8ZnA2t-PxzI"
    }
}

Steps to use auth token for subsequent API calls

• 2.1 Once you get the response to above, you get an auth key, which you can use for next API calls
• 2.2 Your mobile app should store the auth key lets say local storage or whatever way you prefer "auth": "c8b16517a0a21c446f1ee9980944cd7e"
• 3.0 Now, for subsequent API calls you can pass this auth key in the header and still access APIs without passing username and password.

Example:

Method

GET

URL

{{host}}/index.php?option=com_api&app=users&resource=user&format=raw&id=619

Headers

Content-Type: application/x-www-form-urlencoded
Authorization: Bearer c8b16517a0a21c446f1ee9980944cd7e

CURL example

curl --location --request GET 'http://{{host}}/index.php?app=users&resource=login&option=com_api&format=raw' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Bearer c8b16517a0a21c446f1ee9980944cd7e'

Response

You will get a response, which looks like

{
    "err_msg": "",
    "err_code": "",
    "response_id": 218,
    "api": "users.user",
    "version": "",
    "data": {
        "id": "619",
        "name": "asdasd adasda",
        "username": "asdadad",
        "email": "[email protected]",
        "block": "0",
        "sendEmail": "1",
        "registerDate": "2019-05-10 06:54:13",
        "lastvisitDate": "2019-08-27 12:44:44",
        "activation": "0",
        "params": "",
        "groups": {
            "8": "8"
        },
        "guest": 0
    }
}

As described in step 3.0, you can call the APIs you have built from the app and use those.

Tip

If you set up SEF, and have created menu for com_api (with api as alias), you can use SEF URLs like below instead of the one used in above example

{{host}}/api/users/user/619

---

Last update: June 3, 2020