ZoneMinder Forums

ZoneMinder Forums
https://forums.zoneminder.com/

API+Authentication not working

https://forums.zoneminder.com/viewtopic.php?t=25900

Page 1 of 1

API+Authentication not working

Posted: Thu Mar 02, 2017 3:06 am
by clueo8
I have ZM v1.30.2 installed via apt (http://ppa.launchpad.net/iconnor/zoneminder/ubuntu) on Ubuntu 14.04. I'm trying to get the zm API working with OPT_USE_AUTH enabled. The API page is green so that part is okay. If I disable OPT_USE_AUTH, /zm/api/host/getVersion.json works fine. With OPT_USE_AUTH enabled, I get "Not Authenticated":

Code: Select all

{ "success": false, "data": { "name": "Not Authenticated", "message": "Not Authenticated", "url": "\/zm\/api\/host\/getVersion.json", "exception": { "class": "UnauthorizedException", "code": 401, "message": "Not Authenticated", "trace": [ "#0 [internal function]: AppController->beforeFilter(Object(CakeEvent))", "#1 \/usr\/share\/zoneminder\/www\/api\/lib\/Cake\/Event\/CakeEventManager.php(243): call_user_func(Array, Object(CakeEvent))", "#2 \/usr\/share\/zoneminder\/www\/api\/lib\/Cake\/Controller\/Controller.php(677): CakeEventManager->dispatch(Object(CakeEvent))", "#3 \/usr\/share\/zoneminder\/www\/api\/lib\/Cake\/Routing\/Dispatcher.php(189): Controller->startupProcess()", "#4 \/usr\/share\/zoneminder\/www\/api\/lib\/Cake\/Routing\/Dispatcher.php(167): Dispatcher->_invoke(Object(HostController), Object(CakeRequest))", "#5 \/usr\/share\/zoneminder\/www\/api\/app\/webroot\/index.php(108): Dispatcher->dispatch(Object(CakeRequest), Object(CakeResponse))", "#6 {main}" ] }, "queryLog": { "default": { "log": [ { "query": "SELECT `Config`.`Id`, `Config`.`Name`, `Config`.`Value`, `Config`.`Type`, `Config`.`DefaultValue`, `Config`.`Hint`, `Config`.`Pattern`, `Config`.`Format`, `Config`.`Prompt`, `Config`.`Help`, `Config`.`Category`, `Config`.`Readonly`, `Config`.`Requires` FROM `zm`.`Config` AS `Config` WHERE `Config`.`Name` = 'ZM_OPT_USE_API' LIMIT 1", "params": [ ], "affected": 1, "numRows": 1, "took": 0 }, { "query": "SELECT `Config`.`Id`, `Config`.`Name`, `Config`.`Value`, `Config`.`Type`, `Config`.`DefaultValue`, `Config`.`Hint`, `Config`.`Pattern`, `Config`.`Format`, `Config`.`Prompt`, `Config`.`Help`, `Config`.`Category`, `Config`.`Readonly`, `Config`.`Requires` FROM `zm`.`Config` AS `Config` WHERE `Config`.`Name` = 'ZM_OPT_USE_AUTH' LIMIT 1", "params": [ ], "affected": 1, "numRows": 1, "took": 0 }, { "query": "SELECT `Config`.`Id`, `Config`.`Name`, `Config`.`Value`, `Config`.`Type`, `Config`.`DefaultValue`, `Config`.`Hint`, `Config`.`Pattern`, `Config`.`Format`, `Config`.`Prompt`, `Config`.`Help`, `Config`.`Category`, `Config`.`Readonly`, `Config`.`Requires` FROM `zm`.`Config` AS `Config` WHERE `Config`.`Name` = 'ZM_OPT_USE_API' LIMIT 1", "params": [ ], "affected": 1, "numRows": 1, "took": 0 }, { "query": "SELECT `Config`.`Id`, `Config`.`Name`, `Config`.`Value`, `Config`.`Type`, `Config`.`DefaultValue`, `Config`.`Hint`, `Config`.`Pattern`, `Config`.`Format`, `Config`.`Prompt`, `Config`.`Help`, `Config`.`Category`, `Config`.`Readonly`, `Config`.`Requires` FROM `zm`.`Config` AS `Config` WHERE `Config`.`Name` = 'ZM_OPT_USE_AUTH' LIMIT 1", "params": [ ], "affected": 1, "numRows": 1, "took": 0 } ], "count": 4, "time": 0 } } } }
I tried capturing my cookies.txt and curling with those but that also does not work, displays the same 'Not Authenticated' message as above. I have Apache 2.4, here are my ZM specific configs:

Code: Select all

ScriptAlias /zm/cgi-bin "/usr/lib/zoneminder/cgi-bin"
<Directory "/usr/lib/zoneminder/cgi-bin">
    Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
    AllowOverride All
    Require all granted
</Directory>

Alias /zm /usr/share/zoneminder/www
<Directory /usr/share/zoneminder/www>
  php_flag register_globals off
  Options -Indexes +FollowSymLinks
  <IfModule mod_dir.c>
    DirectoryIndex index.php
  </IfModule>
</Directory>

<Directory /usr/share/zoneminder/www/api>
    AllowOverride All
</Directory>
Normal ZM webpage operation is fine, I'm using https/cert from letsencrypt, its just the APIs which aren't working with OPT_USE_AUTH enabled. Been searching around and can't find a solution to my particular problem. Apache error logs don't display anything when hitting the api. Thanks in advance.

Re: API+Authentication not working

Posted: Sun Mar 05, 2017 1:25 am
by rockedge
have you looked at this? from the manual : http://zoneminder.readthedocs.io/en/latest/api.html

The APIs tie into ZoneMinder’s existing security model. This means if you have OPT_AUTH enabled, you need to log into ZoneMinder using the same browser you plan to use the APIs from. If you are developing an app that relies on the API, you need to do a POST login from the app into ZoneMinder before you can access the API.

Then, you need to re-use the authentication information of the login (returned as cookie states) with subsequent APIs for the authentication information to flow through to the APIs.

This means if you plan to use cuRL to experiment with these APIs, you first need to do

Code: Select all

curl -d "username=XXXX&password=YYYY&action=login&view=console" -c cookies.txt  http://yourzmip/zm/index.php
replacing XXXX and YYYY with your username and password, respectively.

Please make sure you do this in a directory where you have write permissions, otherwise cookies.txt will not be created and the command will silently fail.

What the “-c cookies.txt” does is store a cookie state reflecting that you have logged into ZM. You now need to apply that cookie state to all subsequent APIs. You do that by using a ‘-b cookies.txt’ to subsequent APIs if you are using CuRL like so:

Code: Select all

curl -b cookies.txt http://yourzmip/zm/api/monitors.json
This would return a list of monitors and pass on the authentication information to the ZM API layer.

So remember, if you are using authentication, please add a -b cookies.txt to each of the commands below if you are using CuRL. If you are not using CuRL and writing your own app, you need to make sure you pass on cookies to subsequent requests in your app.
Examples (please read security notice above)

You will see each URL ending in either .xml or .json. This is the format of the request, and it determines the format that any data returned to you will be in. I like json, however you can use xml if you’d like.

(In all examples, replace ‘server’ with IP or hostname & port where ZoneMinder is running)

Re: API+Authentication not working

Posted: Sat Mar 11, 2017 5:15 pm
by clueo8
Yes, I have read and understand that. I tried saving the cookies and using curl and that does not work with the API. I've also tried logging in then going to API in same browser session and that fails to work. What I really am trying to use is zmNinja but my APIs are not working and I know it's because of this error. I think possibly somewhere else in my apache config could be interfearing.

Re: API+Authentication not working

Posted: Sun Mar 12, 2017 12:00 am
by bbunge
I do not remember having issues with the API's in Ubuntu 14.04. Ubuntu 16.04 had some permissions issues that were fixed by: chown -R www-data:www-data /usr/share/zoneminder/



14.04 Ubuntu install procedure: https://wiki.zoneminder.com/Ubuntu_Serv ... e_easy_way

Re: API+Authentication not working

Posted: Thu Mar 16, 2017 7:33 pm
by asker
@clueo8 - please see https://github.com/ZoneMinder/ZoneMinder/issues/1813
Please participate with data requested (and see workaround - not a full fix)

Re: API+Authentication not working

Posted: Wed Oct 10, 2018 3:46 pm
by detxm80
Hi, i've 1.32.1 and i've api problem:

Code: Select all

	
success	false
data	
name	"Not Authenticated"
message	"Not Authenticated"
url	"/zm/api/host/getVersion.json"
exception	
class	"UnauthorizedException"
code	401
message	"Not Authenticated"
trace	
0	"#0 /usr/share/zoneminder/www/api/lib/Cake/Event/CakeEventManager.php(243): AppController->beforeFilter(Object(CakeEvent))"
1	"#1 /usr/share/zoneminder/www/api/lib/Cake/Controller/Controller.php(677): CakeEventManager->dispatch(Object(CakeEvent))"
2	"#2 /usr/share/zoneminder/www/api/lib/Cake/Routing/Dispatcher.php(189): Controller->startupProcess()"
3	"#3 /usr/share/zoneminder/www/api/lib/Cake/Routing/Dispatcher.php(167): Dispatcher->_invoke(Object(HostController), Object(CakeRequest))"
4	"#4 /usr/share/zoneminder/www/api/app/webroot/index.php(107): Dispatcher->dispatch(Object(CakeRequest), Object(CakeResponse))"
5	"#5 {main}"
queryLog	[]
can you help me?

it's seems to not create a problem, but i want to resolve it
tnx

edit: i i use my domains ex domains.zoneminder.com/zm/api/host/getVersion.json it's all ok, if i use local ip ex http://xxx.xxx.x.x/zm/api/host/getVersion.json i'm get api error

Re: API+Authentication not working

Posted: Sun Oct 14, 2018 6:01 pm
by bbunge
detxm80 wrote: Wed Oct 10, 2018 3:46 pm Hi, i've 1.32.1 and i've api problem:

Code: Select all

	
success	false
data	
name	"Not Authenticated"
message	"Not Authenticated"
url	"/zm/api/host/getVersion.json"
exception	
class	"UnauthorizedException"
code	401
message	"Not Authenticated"
trace	
0	"#0 /usr/share/zoneminder/www/api/lib/Cake/Event/CakeEventManager.php(243): AppController->beforeFilter(Object(CakeEvent))"
1	"#1 /usr/share/zoneminder/www/api/lib/Cake/Controller/Controller.php(677): CakeEventManager->dispatch(Object(CakeEvent))"
2	"#2 /usr/share/zoneminder/www/api/lib/Cake/Routing/Dispatcher.php(189): Controller->startupProcess()"
3	"#3 /usr/share/zoneminder/www/api/lib/Cake/Routing/Dispatcher.php(167): Dispatcher->_invoke(Object(HostController), Object(CakeRequest))"
4	"#4 /usr/share/zoneminder/www/api/app/webroot/index.php(107): Dispatcher->dispatch(Object(CakeRequest), Object(CakeResponse))"
5	"#5 {main}"
queryLog	[]
can you help me?

it's seems to not create a problem, but i want to resolve it
tnx

edit: i i use my domains ex domains.zoneminder.com/zm/api/host/getVersion.json it's all ok, if i use local ip ex http://xxx.xxx.x.x/zm/api/host/getVersion.json i'm get api error
Linux distro and version?

Did you by chance upgrade from Ubuntu 16.04 to 18.04? If you did make sure PHP 7.0 is removed and 7.2 is configured for Zoneminder.

Re: API+Authentication not working

Posted: Sun Oct 14, 2018 9:55 pm
by detxm80
bbunge wrote: Sun Oct 14, 2018 6:01 pm
detxm80 wrote: Wed Oct 10, 2018 3:46 pm Hi, i've 1.32.1 and i've api problem:

Code: Select all

	
success	false
data	
name	"Not Authenticated"
message	"Not Authenticated"
url	"/zm/api/host/getVersion.json"
exception	
class	"UnauthorizedException"
code	401
message	"Not Authenticated"
trace	
0	"#0 /usr/share/zoneminder/www/api/lib/Cake/Event/CakeEventManager.php(243): AppController->beforeFilter(Object(CakeEvent))"
1	"#1 /usr/share/zoneminder/www/api/lib/Cake/Controller/Controller.php(677): CakeEventManager->dispatch(Object(CakeEvent))"
2	"#2 /usr/share/zoneminder/www/api/lib/Cake/Routing/Dispatcher.php(189): Controller->startupProcess()"
3	"#3 /usr/share/zoneminder/www/api/lib/Cake/Routing/Dispatcher.php(167): Dispatcher->_invoke(Object(HostController), Object(CakeRequest))"
4	"#4 /usr/share/zoneminder/www/api/app/webroot/index.php(107): Dispatcher->dispatch(Object(CakeRequest), Object(CakeResponse))"
5	"#5 {main}"
queryLog	[]
can you help me?

it's seems to not create a problem, but i want to resolve it
tnx

edit: i i use my domains ex domains.zoneminder.com/zm/api/host/getVersion.json it's all ok, if i use local ip ex http://xxx.xxx.x.x/zm/api/host/getVersion.json i'm get api error
Linux distro and version?

Did you by chance upgrade from Ubuntu 16.04 to 18.04? If you did make sure PHP 7.0 is removed and 7.2 is configured for Zoneminder.
Hi, ubuntu 18.04 clean install and php 7.2, only with local io i’ve problem not by my domain name

Re: API+Authentication not working

Posted: Fri Aug 30, 2019 4:11 pm
by Sekhar
Were you able to get this working? I'm having the same issue.

Re: API+Authentication not working

Posted: Mon Sep 02, 2019 12:33 am
by eaglesvr
Noticed this issue as well after the recent ZM update a couple days ago to the version 1.33.13. - zm cameras disappeared in Home Assistant
When OPT_USE_AUTH is unchecked API works and returns the matching version. What I can see that the request uses the correct cookie ZMSESSID - returned by the login response in another browser's tab. API test also worked when zm switched to basic auth mode. Today's update to 1.33.14 hasn't fixed the issue. ZM is running behind nginx reverse proxy. It worked with ZM version 1.33.12 and below. Considering switching to basic auth, although that will result in other issues since basic auth is not supported by contemporary browsers anymore, especially on IOS.
Tried this via local http and external https- both returned 401, "Not Authenticated" error
After multiple attempts to reconfigure zm and nginx somehow I got zm cameras showing in Home Assistant again. But API test still fails(?)
Looks like API test just did not work much earlier. Anyway, it would be a good idea to fix it.

Re: API+Authentication not working

Posted: Mon Sep 02, 2019 11:52 am
by brezuicabogdan
Same exact issue here after upgrading to latest version.
HA cannot connect anymore and trying to manually authenticate on /api always turns out in a failure.

Please fix this as it keeps my entire cams system detached.

Thank you.

Re: API+Authentication not working

Posted: Tue Sep 03, 2019 1:10 am
by bbunge
As I understand there have been some I changes in the api on 1.33.x. Your problem may be with the HA system not the new Zoneminder. Best to start with a fresh Bionic install then add 1.32.x. While 1.33.14 is working for me it is a development version and can have issues.

Edit: Just checked my Bionic/ZM 1.33.14 with an old version of ZMNinja. Can't playback events but can view monitors. So, you will likely have to upgrade the HA system or go back to ZM 1.30.4. I still have the install packages available for some flavors of 1.30.4 as I still use it. Plan to rebuild a 1.30.4 system this week as there are some hardware issues I need to fix for a customer.

Re: API+Authentication not working

Posted: Wed Sep 04, 2019 12:37 pm
by asker
The latest master has fixed the API login issues. Note that this is only related to 1.33.x. This thread is in 1.30.4 but has since morphed into 1.32.x and now 1.33.x related issues.

Re: API+Authentication not working

Posted: Sat Sep 14, 2019 12:47 am
by blauter
Should this have addressed the issue with home assistant? I am on latest 1.33.14 and still getting the below error in ZM when HA tries to connect. Or does HA code have to be updated to support new auth?

Thanks.

2019-09-13 20:41:58 Error: [UnauthorizedException] Not Authenticated
Request URL: /zm/api/host/getVersion.json
Stack Trace:
#0 /usr/share/zoneminder/www/api/lib/Cake/Event/CakeEventManager.php(243): AppController->beforeFilter(Object(CakeEvent))
#1 /usr/share/zoneminder/www/api/lib/Cake/Controller/Controller.php(677): CakeEventManager->dispatch(Object(CakeEvent))
#2 /usr/share/zoneminder/www/api/lib/Cake/Routing/Dispatcher.php(189): Controller->startupProcess()
#3 /usr/share/zoneminder/www/api/lib/Cake/Routing/Dispatcher.php(167): Dispatcher->_invoke(Object(HostController), Object(CakeRequest))
#4 /usr/share/zoneminder/www/api/app/webroot/index.php(107): Dispatcher->dispatch(Object(CakeRequest), Object(CakeResponse))
#5 {main}

EDIT: Corrected version I am on.

Re: API+Authentication not working

Posted: Sat Sep 14, 2019 1:46 am
by eaglesvr
Rolled back to 1.32. Everything works now: api test and HA cams. Unfortunately I could not find any simple way to downgrade database. import zm schema from 1.33 didn't work.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited