After git and npm i and restart nodebb
I cannot open the page plugin-write-api.
I found it dosen't generate a write-api.tpl file into /nodebb/public/templates/admin/plugins.
I put a copy in it. Then it works.
It's so weird. : )

Enhance API to allow updates to password (after initial creation) and user avatar image. For my current requirements, it would not be necessary to support the uploading of an image, but rather to be able to simply specify the URL of a picture hosted elsewhere.

I want to add tags to post so i use PUT call like /api/v1/topics/tid and send tag array in body but it give response like invalid api call

please help me

It would be great to have it. Like, creating a group will give you an option to set privileges for it.

Hi there,
Running nodebb v0.8.2 after installing the write api, seemed to work on previous versions any fix?

18/9 12:05 [1] - error: Error: Cannot find module './src/postTools'
at Function.Module._resolveFilename (module.js:338:15)
at Function.Module._load (module.js:280:25)
at Module.require (module.js:364:17)
at Object. (/opt/nodebb/node_modules/nodebb-plugin-write-api/routes/v1/posts.js:4:30)
at Module._compile (module.js:456:26)
at Object.Module._extensions..js (module.js:474:10)
at Module.load (module.js:356:32)
at Function.Module._load (module.js:312:12)
at Module.require (module.js:364:17)
at require (module.js:380:17)

when i create a post,
I simply put the contents in curl,
but does this mean I can only send pure text?
I've tried the bbcode
![alt text](image url)
It appears that the content is <a href="image url"></a>
not <img src="image url"> which I have expected

I'm pretty sure this is a typo in line 51:

async.apply(Users.delete, req.params.uid)

should be

async.apply(Users.delete, req.user.uid, req.params.uid)

I had installed nodebb-plugin-write-api in NodeBB 0.7.0-dev version and it worked on it but when i try to use the same plugin in 0.6.1 version it does not work . It gives me following error:

• error: [plugins] Error executing 'static:app.load' in plugin
  'nodebb-plugin-write-api'
• error: Error: Route.post() requires callback functions but g
  ot a [object Undefined]
  at Route. (D:\nodebb\node_modules\nodebb-plugin-write
  -api\node_modules\express\lib\router\route.js:170:15)
  at Array.forEach (native)
  at Route.(anonymous function) [as post](D:nodebbnode_modules
  nodebb-plugin-write-apinode_modulesexpresslibrouterroute.js:166:15)
  at Function.proto.(anonymous function) (D:\nodebb\node_modules\n
  odebb-plugin-write-api\node_modules\express\lib\router\index.js:498:19)
  at module.exports (D:\nodebb\node_modules\nodebb-plugin-write-ap
  i\routes\v1\groups.js:22:6)
  at module.exports (D:\nodebb\node_modules\nodebb-plugin-write-ap
  i\routes\v1\index.js:10:40)
  at module.exports (D:\nodebb\node_modules\nodebb-plugin-write-ap
  i\routes\index.js:7:26)
  at Object.API.init [as method](D:nodebbnode_modulesnodebb-pl
  ugin-write-apiindex.js:14:34)
  at D:\nodebb\src\plugins\hooks.js:127:14
  at D:\nodebb\node_modules\async\lib\async.js:125:13

Also I wanted to know about version 0.7 when can I expect it to be released as a stable version.

please help me into it?

Yes, I guess it obviously.

I have updated the test isLanguage key with the latest match from nodebb 9.x it seems to be wrong in the write API. Maybe can create a PR?

https://github.com/jamesjjk/nodebb-plugin-write-api

... instead of living at the root of the repo

Hi,

what's the purpose of the Bearer/Master token if when using APIs through other applications, other than the token the APIs still need the login session? Is that how this plugin is supposed to work?

Because at the moment I receive this error:

code: "not-authorised"
message:"A valid login session was not found. Please log in and try again."
params: {}

In case I would like to have API only "protected" by the token, how could I do that?
Or how can I retrieve the login session in another NodeJS application?

EDIT:

I read about the same problem in #54, I can easily reproduce the error going on my forum in incognito mode on Chrome and run in the console:

$.ajax({
            type:"POST",
            headers: 
            {
              "Authorization" : "Bearer 5ea8d91f-81b0-43b3-8650-a83bc46e40ea",
            },
            url: "/api/v1/topics",
            data: { 
                "cid": 25, "title":"Tactic Test Results 17.1.2", "content": "hola hola hola"
            }
            
    });

(after writing here, I revoked the bearer 😂)

And by the way, even with the revoked Bearer, it gives me the same error.

I found a file (./src/categories/create.js) which operates with a function to create categories, and slightly modified it:

var category = {
    cid: cid,
    name: data.name,
    description: data.description,
    icon: data.icon,
    bgColor: data.bgColor,
    color: data.color,
    slug: slug,
    parentCid: 0,
    topic_count: 0,
    post_count: 0,
    disabled: 0,
    order: data.order,
    link: '',
    numRecentReplies: 1,
    class: 'col-md-3 col-xs-6',
    imageClass: 'auto'
};

to:

var category = {
    cid: cid,
    name: data.name,
    description: ( data.description ? data.description : '' ),
    icon: ( data.icon ? data.icon : '' ),
    bgColor: ( data.bgColor ? data.bgColor : '' ),
    color: ( data.color ? data.color : '' ),
    slug: slug,
    parentCid: ( data.parentCid ? data.parentCid : 0 ),
    topic_count: 0,
    post_count: 0,
    disabled: 0,
    order: ( data.order ? data.order : cid ),
    link: '',
    numRecentReplies: 1,
    class: ( data.class ? data.class : 'col-md-3 col-xs-6' ),
    imageClass: 'auto'
};

Is it possible to make changes to the master branch NodeBB?

Hello, I am not able to create either uid or master tokens via the /admin/plugins/write-api page. Is there something I'm missing?

Here are my configuration details;
-NodeBB running in docker connected to redis docker data volume (I have tried versions 0.5.4, and 0.6.1, and 0.7)
-plugin-write-api is the only plugin I have installed.
-all other settings left as default

Have I missed a step?

The groups/:slug/membership DESTROY route doesn't check whether the uid is a member of the group before calling Groups.leave.

The logic of Groups.leave assumes that the uid is a member, and it decrements membercount and then destroys the group if it goes to zero!

I think you need to add in a isMember check before calling Groups.leave in this route.

(For now I'll get around it by using the READ api and doing the isMember check myself, but I think the behavior of groups/:slug/membership DESTROY when the uid isn't a member of the group should be to do nothing and/or return an error like 402)

The following request is failing for me. It seems I need to use JWT as otherwise I would require setting the authorisation header which I can't do for my particular use case. How should the 'params' property be sent in the following request using JWT?

POST http://kommunitynodebb.myurl.com/api/v1/topics/
Content-Type: application/x-www-form-urlencoded
token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfdWlkIjoxfQ.pbm5wbAZ4__yFh5y8oeCsJyT0dm8ROcd5SEBr4yGlNw&cid=1&content=test&title=test2
 -- response --
400 Bad Request
Server:  nginx
Date:  Mon, 02 Nov 2015 14:10:49 GMT
Content-Type:  application/json; charset=utf-8
Content-Length:  160
Connection:  keep-alive
x-powered-by:  NodeBB
x-frame-options:  SAMEORIGIN
Etag:  W/"a0-Bkpgj5XtpAFQx9ys8ARRzQ"
Vary:  Accept-Encoding

{"code":"params-missing","message":"Required parameters were missing from this API call, please see the \"params\" property","params":["cid","title","content"]}

When I'm doing the following with HTTPS (and without certificate using option --insecure) I get a message :
HTTP/1.1 404 Not Found
Cannot POST /api/v1/users

$ curl -X POST --insecure -v -H "Authorization: Bearer MASTER_TOKEN_HERE" --data "_uid=1&username=Toto&password=MotDePasse&email=toto%40yop
mail.com" https://xxxxxxxxx.nodebb.com/api/v1/users

• Adding handle: conn: 0x4dd2a8
• Adding handle: send: 0
• Adding handle: recv: 0
• Curl_addHandleToPipeline: length: 1
• - Conn 0 (0x4dd2a8) send_pipe: 1, recv_pipe: 0
• About to connect() to xxxxxxxxx.nodebb.com port 443 (#0)
• Trying XXX.XXX.XXX.XXX...
• Connected to xxxxxxxxx.nodebb.com (XXX.XXX.XXX.XXX) port 443 (#0)
• SSLv3, TLS handshake, Client hello (1):
• SSLv3, TLS handshake, Server hello (2):
• SSLv3, TLS handshake, CERT (11):
• SSLv3, TLS handshake, Server key exchange (12):
• SSLv3, TLS handshake, Server finished (14):
• SSLv3, TLS handshake, Client key exchange (16):
• SSLv3, TLS change cipher, Client hello (1):
• SSLv3, TLS handshake, Finished (20):
• SSLv3, TLS change cipher, Client hello (1):
• SSLv3, TLS handshake, Finished (20):
• SSL connection using DHE-RSA-AES256-SHA
• Server certificate:

•    subject: OU=Domain Control Validated; OU=PositiveSSL; CN=nodebb.org
  

•    start date: 2013-12-12 00:00:00 GMT
  

•    expire date: 2017-03-11 23:59:59 GMT
  

•    issuer: C=GB; ST=Greater Manchester; L=Salford; O=COMODO CA Limited; CN
  

  =COMODO RSA Domain Validation Secure Server CA

•    SSL certificate verify result: self signed certificate in certificate c
  

  hain (19), continuing anyway.

  POST /api/v1/users HTTP/1.1
  User-Agent: curl/7.30.0
  Host: xxxxxxxxx.nodebb.com
  Accept: /
  Authorization: Bearer MASTER_TOKEN_HERE
  Content-Length: 65
  Content-Type: application/x-www-form-urlencoded

• upload completely sent off: 65 out of 65 bytes
  HTTP/1.1 404 Not Found
• Server nginx/1.4.6 (Ubuntu) is not blacklisted
  < Server: nginx/1.4.6 (Ubuntu)
  < Date: Sat, 24 Oct 2015 00:41:52 GMT
  < Content-Type: text/html; charset=utf-8
  < Content-Length: 26
  < Connection: keep-alive
  < X-Powered-By: NodeBB
  < Cache-Control: max-age=0
  < X-Content-Type-Options: nosniff
  < Vary: Accept-Encoding
  <
  Cannot POST /api/v1/users
• Connection #0 to host XXXXXXXXX.nodebb.com left intact

And I don't know if it's linked, but when I go to watch the logs into NodeBB I see :

20/10 12:33 [867] - warn: [plugins/load] The following plugins may not be compatible with your version of NodeBB. This may cause unintended behaviour or crashing. In the event of an unresponsive NodeBB caused by this plugin, run ./nodebb reset -p PLUGINNAME to disable it.

• nodebb-plugin-saas-pageviews

20/10 12:33 [867] - info: NodeBB Ready
20/10 12:33 [867] - info: Enabling 'trust proxy'
20/10 12:33 [867] - error: Error: listen EADDRINUSE
at exports._errnoException (util.js:746:11)
at Server._listen2 (net.js:1129:14)
at listen (net.js:1155:10)
at Server.listen (net.js:1240:5)
at listen (/home/saas/nodebb/src/webserver.js:180:17)
at /home/saas/nodebb/src/webserver.js:57:3
at EventEmitter. (/home/saas/nodebb/src/emitter.js:17:5)
at EventEmitter.emit (events.js:104:17)
at /home/saas/nodebb/src/meta/js.js:203:12
at FSReqWrap.oncomplete (fs.js:99:15)
20/10 12:33 [867] - error: NodeBB address in use, exiting...
[cluster] Child Process (867) has exited (code: 0, signal: null)

Hi,
Any way that I can connect to the API using Java?
I am doing this:

con.setRequestProperty("Authorization", "Bearer <my-key>");

But I get this:
Server returned HTTP response code: 401 for URL:

Any ideas?

Thanks.

It would be great to get the user token with a POST request, passing the user and the md5 pass as POST fields, returning the user token in order to perform requests.

Awesome plugin guys - just what I need!

I can see in the api there is a route for creating a new group, but the logic is missing. Obviously, group creation is not in the published list of end points, but is this planned to be implemented any time soon? It seems like a fairly quick implementation? Or am I missing something?

Thanks.

The README.md is written how to create: curl -H "Authorization: Bearer {YOUR_TOKEN}" --data "title={TITLE}&content={CONTENT}&cid={CID}" http://localhost:4567/api/v1/topics
But there is no description of how to update and delete resources. Please, write about that.

Is there 0.8.3 version?

"compatibility": "^0.8.3"

... and also admins to disable this ability.

I know there's a way to delete a topic, but is there a way to only delete specific posts in the topic?

I just ran into this plugin and excited to use it but it's giving me a headache, lol. Is there some kind of trick to using postman?

https://www.dropbox.com/s/oqg02f62dp030v5/Screenshot%202016-08-02%2018.32.09.png?dl=0

It continues to say there's an issue with the params username but i'm clearly putting username in the params being passed, I've also tried several different variations and same thing.

I guess I must be doing something wrong but I can't figure it out..

So I'm using the master token along with _uid. I generated the token with the uid "1" which is an admin user.
I also tried only with the user token but then I get

{
  "code": "params-missing",
  "message": "Required parameters were missing from this API call, please see the \"params\" property",
  "params": [
    "username"
  ]
}

I installed via https://github.com/NodeBB/nodebb-plugin-write-api.git and activated the plugin. It does not appear in the Plugin menu after restarting NodeBB

I found I had to run `npm installin thenodebb-plugin-write-api/`` folder to install the missing passport-http-bearer dependency

curl -H "Authorization: Bearer e9de6fb6-1234-5678-8bbc-b5073fd1edef" --data "name=123&description=456&bgColor=yellow&color=green" http://localhost:4567/forum/api/v1/categories

Output:

{"code":"internal-server-error","message":"ERR value is not a valid float","params":{}}

In this case, the category is created, but not completely:

And:

Apologies if this should have been attached to the closed issue. Let me know if that was the case.

Would it be possible to add deletion of groups to the api? I've changed my local code to test it, so could send a pull request if this would make it easier for you guys?

Thanks again.

When I'm using CURL in PHP I get the following error (401) :
A valid login session was not found. Please log in and try again.

When I'm using a token, is it normal to have to connect in a session to use CURL with the API ?

Friends,

I've successfully created new users using this API, and I've moved on to trying to update them as well.

BTW, broadly speaking, I'm programmatically synchronizing NodeBB users with our own user database so that our administrators won't have to do "dual" maintenance as new users are added to the system.

What I'm seeing is that the API end point for updating a user record /users PUT /:uid is updating my user record. If I understand the documentation, my guess is that my uid 17 specified on the URL is being ignored.

Here is a log diagnostic from my system:

user_editor.js syncUserNodeBB /users PUT [email protected] uid=17 url=http://support.pract.us/api/v1/users/17 updateRequest={"headers":{"Authorization":"Bearer 7962b4a4-504e-41f0-b669-c7a02c696f27"},"data":{"username":"Testy E Coyote","fullname":"Testy E Coyote"}}

BTW I've changed some of the characters in the access token for security reasons.

When I do this, the system does update something namely my own record. Note: I happen to be uid 1.

Note that uid 17 "Wile E Coyote" remains unaffected; however, my record uid 1 (previously "David Lynch") has been updated to "Testy E Coyote".

Does it look like my URL is correct or could there be some other considerations?

TIA,
Dave

or is there gonna be one?

Nodebb 1.4.2
Node 7.4.0
nodebb-plugin-write-api 4.6.0

When i call DELETE on /api/v1/posts/29834 or any post it returns:

{
  "code": "ok",
  "payload": {}
}

But the post remains I have tried it with both a master token and an admin and the user that posted it along with an admin user token.

I'm using Node.js 0.10.36 with NodeBB v0.6.1. I'm a brand new user of NodeBB as of yesterday, and I have it installed and running on Ubuntu 14.04 (Amazon EC2).

The system is up, but one of our requirements involves creating users from an external system. I've installed the NodeBB Write API plugin via the ACP:

I have successfully restarted NodeBB, but I'm unable to create the API token. When I try to navigate to admin/plugins/write-api in order to generate the token, I'm receiving this message:

/api/admin/plugins/write-api Not Found
not-found

Am I going to the right place to do this, or is there something I'm missing (either in my own understanding or configuration)?

Thanks in advance.

From what I see in the api doc, they are all write api for nodebb. I wonder if any read APIs for nodebb, for example, access http://myforum.com/topic/1234 returns a JSON object rather than HTML page?

Thanks!

Will appreciate to have a route to send notification.
Thanks in advance

Sending a chat message via the API returns the following error:

"Messaging.canMessage is not a function"

Seems like the function call is outdated with current version of NodeBB.

I use url in my NodeBB: /forum
According to this url for api I'm writing a little differently, for reference.

Try: curl -H "Authorization: Bearer e9de6fb6-1234-5678-8bbc-b5073fd1edef" --data "title=123&content=asd&cid=2" http://localhost:4567/forum/api/v1/topics

Output:

{"status":"ok","data":{"topic":{"tid":"21","uid":"1","cid":"2","mainPid":"49","title":"123","slug":"21/123","timestamp":"1425801721198","lastposttime":"1425801721208","postcount":"1","viewcount":"0","locked":false,"deleted":false,"pinned":false,"relativeTime":"2015-03-08T08:02:01.198Z","category":{"cid":"2","name":"Основное обсуждение","slug":"2/основное-обсуждение","icon":"hidden","bgColor":"#59b3d0","color":"#fff","disabled":false},"user":{"uid":"1","username":"sergej","userslug":"sergej","picture":"/forum/uploads/profile/1-profileimg.jpeg"},"tags":[],"isOwner":true,"unread":false,"unreplied":1},"post":{"pid":49,"uid":1,"tid":21,"content":"<p>asd</p>\n","timestamp":1425801721208,"reputation":0,"votes":0,"editor":"","edited":0,"deleted":0,"user":{"uid":"1","username":"sergej","userslug":"sergej","reputation":"0","postcount":"15","picture":"/forum/uploads/profile/1-profileimg.jpeg","signature":"","banned":false,"status":"online","groups":[{"name":"Приват","slug":"приват","createtime":"1424938107100","userTitle":"asd","description":"","memberCount":"0","deleted":"0","hidden":"0","system":"0","private":"1","icon":"fa-umbrella","labelColor":"#188072","cover:url":"/forum/uploads/files/upload-7dad8c95-300d-439a-ae67-e824ffd7c687","cover:position":"50% 50%","createtimeISO":"2015-02-26T08:08:27.100Z"}],"custom_profile_info":[]},"topic":{"tid":"21","title":"123","slug":"21/123","cid":"2"},"index":0,"favourited":false,"display_moderator_tools":true,"display_move_tools":true,"selfPost":false,"relativeTime":"2015-03-08T08:02:01.208Z"}}}

This ok!

Try: curl -H "Authorization: Bearer e9de6fb6-1234-5678-8bbc-b5073fd1edef" --data "name=123&description=456&bgColor=yellow&color=green" http://localhost:4567/forum/api/v1/categories

Output:

{"code":"not-found","message":"Invalid API call","params":{}}

Something wrong?

The rest api present only for create new post but how i give reply to existing post ?Which rest api i use for it, Please help me.

./nodebb dev output:

[plugins] Error executing 'static:app.load' in plugin 'nodebb-plugin-write-api'
6/4 18:44 [13770] - error:  Error: Cannot find module './public/src/translator'
    at Function.Module._resolveFilename (module.js:338:15)
    at Function.Module._load (module.js:280:25)
    at Module.require (module.js:364:17)
    at Object.<anonymous> (/home/nodebb/node_modules/nodebb-plugin-write-api/lib/errorHandler.js:4:31)
    at Module._compile (module.js:456:26)
    at Object.Module._extensions..js (module.js:474:10)
    at Module.load (module.js:356:32)
    at Function.Module._load (module.js:312:12)
    at Module.require (module.js:364:17)
    at require (module.js:380:17)

...

Hello,

What do you think about adding an endpoint for banning users? This would allow for better integration with an authorization service by exposing a route to hit on NodeBB when users are banned via a third party system.

Thank you!

I tried to create token or post a topic for a user with api, no matter with master token or admin user token, but always give back error "A login session was not found. Please log in and try again.". Any idea, thanks.

How to Generate uid an API token in the ACP page please help me?

/admin/plugins/write-api Not Found
You seem to have stumbled upon a page that does not exist. Return to the home page.

The Write API should also provide its authentication methods to the builtin Read API, but this doesn't seem to work. API users can only access private data when authenticating against a Write API request first and running the Read API request afterwards while making use of the same cookie. Please have a look at this thread for more information: https://community.nodebb.org/topic/8270/why-access-to-rest-api-not-authorized/

How to get cid by name category? It is necessary to automatically create subcategories.
Exemple:

forearch ( $brands as $brand ){
    $nodebb->category_add('name='.$brand);
    forearch ( $cars as $car ){
        $nodebb->category_add('name='.$car.'&parentCid='.$nodebb->category_getIdByName($brand));
    }
}