How to use Login Key with API?

[thunn]

Hello,
I'm trying to use login key to replace DA admin account to work with API, but it does not work.
Can Anyone help me by giving example?

This is my current code:

<?php
include 'httpsocket.php';
$sock = new HTTPSocket;
$sock->connect('ssl://123.456.789',2222);
$sock->set_login('loginKeyTest','[I]hiddenforsecurity[/I]');

$sock->query('/CMD_SELECT_USERS',
    array(
        'location' => 'CMD_SELECT_USERS',
        'suspend' => 'Suspend', // note - this can also be 'Unsuspend'
        'select0' => 'mytestuser'
    ));
$result = $sock->fetch_body();

print_r($sock);
print_r($result);

?>

Thank you.

 

[zEitEr]

Hello,

but it does not work.

Here more details are needed. Full text of all Errors?

 

[thunn]

Yes, I got the following info:

[root@local]# ./directadmin b2000
Debug mode. Level 2000

OS doesn't support IPv6. Dropped down to IPv4: (Address family not supported by protocol)
DirectAdmin 1.43.0
Accepting Connections on port 2222
Sockets::handshake - begin
Sockets::handshake - end
/CMD_SELECT_USERS
GET string: location=CMD_SELECT_USERS&suspend=Suspend&select0=mytestuser
 0: Accept: */*
 1: Authorization: Basic [I]hiddenforsecurityreasons[/I]
 2: Connection: Close
 3: Host: ssl://123.456.789:2222
 4: User-Agent: HTTPSocket/2.7
[B]not on the list: loginKeyTest[/B]

 

[zEitEr]

What that output has to do with API request with Login Key?

Every API request returns a string as a reply. And if an error occurs, it prints the error text.

 

[thunn]

Yes. I print the $socket object and get the following info:

HTTPSocket Object ( [version] => 2.7 [method] => GET [remote_host] => ssl://123.456.789 [remote_port] => 2222 [remote_uname] => loginKeyTest [remote_passwd] => [I]hiddenforsecurity[/I] [result] => HTTP/1.1 200 OK Server: DirectAdmin Daemon v1.43.0 Registered to Vietnam Ltd Set-Cookie: session=; path=/; secure; HttpOnly Connection: close Cache-Control: no-cache Pragma: no-cache
 [B]X-DirectAdmin:[/B] unauthorized Content-Type: text/html

[result_status_code] => 200 [lastTransferSpeed] => 1.34375 [bind_host] => [error] => Array ( ) [warn] => Array ( ) [query_cache] => Array ( [0] => GET /CMD_SELECT_USERS?location=CMD_SELECT_USERS&suspend=Suspend&select0=mytestuser HTTP/1.0 User-Agent: HTTPSocket/2.7 Host: ssl://123.456.789:2222 Accept: */* Connection: Close Authorization: Basic [I]hiddenforsecurity[/I] ) [doFollowLocationHeader] => 1 [redirectURL] => [extra_headers] => Array ( ) )

 

[zEitEr]

You should send requests to /CMD_API_SELECT_USERS, but not to /CMD_SELECT_USERS.

Related: http://directadmin.com/api.html

 

[thunn]

Hello zEitEr,
I have changed the code to be like this but it still does not work:

    include 'httpsocket.php';

    $sock = new HTTPSocket();
    $sock->connect('ssl://123.456.789',2222);
    $sock->set_login('loginKeyTest', '[I]hiddenforsecurity[/I]');

    //$sock->set_method('POST');

    $sock->query('/CMD_API_SELECT_USERS',
            array(
                'location' => 'CMD_API_SELECT_USERS',
                'suspend' => 'Suspend', // note - this can also be 'Unsuspend'
                'select0' => 'mytestuser'
            ));

    $result = $sock->fetch_result();
    print_r($result);

Output of last line is:

HTTP/1.1 200 OK
Server: DirectAdmin Daemon v1.43.0 Registered
Set-Cookie: session=; path=/; secure; HttpOnly
Connection: close
Cache-Control: no-cache
Pragma: no-cache
X-DirectAdmin: unauthorized
Content-Type: text/html

<html>
<head>
....

 

[zEitEr]

See "unauthorized" line. Make sure, you can login into directadmin with the Login Key, and make sure, you've got access to the requested page.

1. Authorize with a Login Key with a browser
2. Visit https://123.456.789:2222/CMD_API_SELECT_USERS

If no errors occurs on these two steps, then you really should debug directadmin.

p.s. From a earlier post: not on the list: loginKeyTest, I guess either requested page is not allowed for the Login Key, or IP is not listed.

 

[thunn]

Can you guide me this more detail: Authorize with a Login Key with a browser
I have tried to:
- Grant all permission to this account.
- Grant all IP addresses to this server.
- Mark as "Never expired".
- Use that account to login via browser and it does not work.

 

[zEitEr]

Please provide all error texts you get there in browser and in logs instead of saying "it does not work".
Did you follow those two steps?

 

[DirectAdmin Support]

Hello,

With login keys, the "key name" is only for your own accounting purposes, to keep track of the keys and their values.
If the login key was created under the "admin" account, the login name is still going to be "admin".

John

 

[thunn]

OK, but I have tried, and no result.
I got this when print result object:
HTTP/1.1 200 OK Server: DirectAdmin Daemon v1.43.0 Registered to P.A Vietnam Ltd Set-Cookie: session=; path=/; secure; HttpOnly Connection: close Cache-Control: no-cache Pragma: no-cache X-DirectAdmin: unauthorized Content-Type: text/html

And the account still active (can't suspended).

 

[thunn]

Hello,
Finally I have got this info:

Login keys were not turned on for admin.
[root@srv admin]# pwd
/usr/local/directadmin/data/users/admin
[root@srv admin]# grep login_keys user.conf
login_keys=OFF

turn this on and restart directadmin => DONE.