Customer Portal not working

Tom_Tom_ Member
in Help edited November 26
https://wiki.foxycart.com/v/2.0/customer_portal

I'm following this using the following code:

<form action="https://STORE.foxycart.com/v/2.0.0/api_json.php" method="POST">
<label>
Email:
<input type="email" name="customer_email" required>
</label>
<label>
Password:
<input type="password" name="customer_password" required>
</label>
<input type="hidden" name="store_id" value="STOREID">
<input type="hidden" name="ThisAction" value="CheckLogin">
<button type="submit">Login</button>
</form>


Replace STORE and STOREID for the real things, just put those there as example. I got the STORE ID from the store dropdown value in the admin panel.
However, even if I try the query string version, I'm getting the following returned:
{"ok":false,"details":"Transaction not found"}

All the details are correct.
Comments
  • fc_marijafc_marija FoxyCart Team
    Hi @Tom_ -

    We replied to the email you sent to the help desk – but I see that you probably already had the same value from the option value. Have you gotten it to work? Let us know if not, we're happy to continue to help.
  • Tom_Tom_ Member
    @fc_marija Hi Marija, I noticed that. Thank you, I did in fact have the correct ID already. I thought that may have been the issue. I haven't got it to work sadly.
  • Tom_Tom_ Member
    @fc_marija I now have got this working. Not entirely sure what was happening. I suspect that there was an incorrect password in our files. On doing a test purchase and creating a new account then testing against that account everything came back fine.
  • Tom_Tom_ Member
    edited November 27
    @fc_marija I now have it that visiting the URL works fine. However, I need to get the JSON response so I tried this:
    <?php

    if($_POST['ThisAction'] == "CheckLogin") {

    $ch = curl_init('https://STORENAME.foxycart.com/v/2.0.0/api_json.php');
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $_POST);
    $response = curl_exec($ch);
    curl_close($ch);

    // Return the response.
    var_dump($response);
    }

    ?>

    <form action="" method="POST">
    <label>
    Email:
    <input type="email" name="customer_email" required>
    </label>
    <label>
    Password:
    <input type="password" name="customer_password" required>
    </label>
    <input type="hidden" name="store_id" value="STOREID">
    <input type="hidden" name="ThisAction" value="CheckLogin">
    <button type="submit">Login</button>
    </form>


    This doesn't work again. What is the correct way to "Get a response?" I tried Ajax but that has cross origin issues. I'd prefer to use PHP so I can set a PHP cookie for templating.

    Returns: string(46) "{"ok":false,"details":"Transaction not found"}"


    Edit:
    Tried -
    <?php

    if($_POST['ThisAction'] == "CheckLogin") {


    $url = "https://STORENAME.foxycart.com/v/2.0.0/api_json.php?" . http_build_query($_POST);

    $ch = curl_init($url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    $response = curl_exec($ch);
    curl_close($ch);

    // Return the response.
    echo $url . "<br>";
    var_dump($response);
    }

    ?>

    <form action="" method="POST">
    <label>
    Email:
    <input type="email" name="customer_email" required>
    </label>
    <label>
    Password:
    <input type="password" name="customer_password" required>
    </label>
    <input type="hidden" name="store_id" value="STOREID">
    <input type="hidden" name="ThisAction" value="CheckLogin">
    <button type="submit">Login</button>
    </form>


    Comes up with the same error, but interestingly copying and pasting the echo'ed out url works fine. I'm confused by this haha! What's the proposed way of getting the json back?
  • fc_adamfc_adam FoxyCart Team
    @Tom_,

    Thanks for posting what you've tried there - sorry for the confusion. Looks like our docs neglected to note that the fcsid is required too.

    I've updated the customer portal page with details on that - but as long as you're including your store's "loader.js" file on your login page, you can include this javascript on the page too which will dynamically add the session ID into the login form:
    <script>
    var FC = FC || {};
    FC.onLoad = function() {
    FC.client.on("ready.done", function() {
    $("#LoginForm").append('<input type="hidden" name="' + FC.json.session_name + '" value="' + FC.json.session_id + '">');
    });
    };
    </script>
    Give that a try, and hopefully it should get the login working for you
  • Tom_Tom_ Member
    edited November 27
    @fc_adam I don't believe that has fixed it. Here is the outputted HTML
    <form id="LoginForm" action="" method="POST">
    <label>
    Email:
    <input type="email" name="customer_email" required="">
    </label>
    <label>
    Password:
    <input type="password" name="customer_password" required="">
    </label>
    <input type="hidden" name="store_id" value="STOREID">
    <input type="hidden" name="ThisAction" value="CheckLogin">
    <button type="submit">Login</button>
    <input type="hidden" name="fcsid" value="u3qundi28j9ka315a6j0locr23"></form>


    Here is the server code:
    if($_POST['ThisAction'] == "CheckLogin") {
    $ch = curl_init("https://STORENAME.foxycart.com/v/2.0.0/api_json.php?" . http_build_query($_POST));
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    $response = curl_exec($ch);
    curl_close($ch);

    // Return the response.
    echo $url . "<br>";
    var_dump($response);
    }


    Returns string(46) "{"ok":false,"details":"Transaction not found"}"

    Interestingly, if I login using the Checkout page. Then go back and try access it through the URL it works. If I try access it through the URL without login in via Checkout I get "Transaction not found". No matter what I do, it always returns that through Curl.
  • fc_adamfc_adam FoxyCart Team
    @Tom_,

    Thanks for the update - and sorry for missing that aspect of it. When I was testing to confirm, I had an active cart session so was seeing the successes like you noted when you went to the checkout and then tried again. As our login functionality lives on the checkout, it assumes that the customer has an active cart session - as you can't be on the checkout without one.

    That's why you're seeing the "Transaction not found" message returned, as there wasn't a transaction found. It's still technically a successful authentication - but it couldn't find a transaction to display the full JSON response. As such - you can check for a successful authentication where ok is true, or when ok is false and the details is Transaction not found.

    I've updated the wiki with extra details around that - sorry that's confusing. This wasn't the intended use case for our login functionality, but it does help stores set up authentication without maintaining the customer's login details on their side. We're working towards a native customer portal feature currently, which will also introduce a cleaner authentication set up too.
  • Tom_Tom_ Member
    @fc_adam Thanks for that Adam, I look forward to seeing the portal. I was going to use SSO but we do not provide any extra functionality other than what's available through FoxyCart. So there wasn't much point in signing in to our website (though that functionality does exist, but mainly for admins).

    One thing I've noticed is that including the FoxyCart Session ID doesn't actually change the response in anyway. So it does work without it. It's just the message that is returned is confusing. I haven't actually seen okay come back as true.

    However, this is the responses I've got...
    Username and Password is correct:
    {"ok":false,"details":"Transaction not found"}

    Username is correct but password is wrong:
    {"ok":false,"details":"EmailFound"}

    Username is incorrect:
    {"ok":false,"details":""}

    So from what I can tell. FCSID is not in fact needed in authentication, "ok" will always return "false" so it's worth only checking "details" against those strings.
  • fc_adamfc_adam FoxyCart Team
    @Tom_,

    If you don't pass the fcsid value - you can just use the "Transaction not found" messaging as the metric for successful authentication, so you're correct that it's not ultimately needed - sorry for any misdirection on that earlier.

    If an active cart session is passed though - an ok:true response does come back, and includes additional details related to the checkout session. For a straight login set up though, that's not really needed though. As such, you could remove the javascript I noted earlier, and just check the details node for whether the login was good or not.
Sign In or Register to comment.