How sessions added In Opencart’s Rest API

How sessions added In Opencart’s Rest API

In our previous blog : http://webkul.com/blog/add-ip-opencarts-rest-api/  , we learnt how to add the IP in the opencart rest api . Today we will learn , how the sessions added in the opencart rest api .

First of all , we have to know , where we can see these sessions  . So to view the api session , we have to go to the System->Users->API and then click on edit api and go to session tab . Here you can see all the api session for the particular api . You can also remove the session from here by simply clicking the remove button .

Now we will see when and how these sessions have been created by the code . These sessions are created when you do the api login .

/**
 * Webkul Software.
 *
 * @category Webkul
 * @package api
 * @author Webkul
 * @copyright Copyright (c) 2010-2016 Webkul Software Private Limited (https://webkul.com)
 * @license https://store.webkul.com/license.html
 */

$session_name = 'temp_session_' . uniqid();
$session = new Session();
$session->start($this->session->getId(), $session_name);

// Create Token
$json['token'] = $this->model_account_api->addApiSession($api_info['api_id'], $session_name, $session->getId(), $this->request->server['REMOTE_ADDR']);

The above code is the part of the api login file that we have already shown in the previous blog . If you made the successful api login then this code executes . In this part of code the uniqid() function generates a unique id based on current time in microseconds . The second line of code is just to create the object of session class , so that we can access their functions . In the next line of code session is started with the current session id and with the name . In the last line of code , entry is done in the database .

/**
 * Webkul Software.
 *
 * @category Webkul
 * @package api
 * @author Webkul
 * @copyright Copyright (c) 2010-2016 Webkul Software Private Limited (https://webkul.com)
 * @license https://store.webkul.com/license.html
 */
public function addApiSession($api_id, $session_name, $session_id, $ip) {
		$token = token(32);

		$this->db->query("INSERT INTO `" . DB_PREFIX . "api_session` SET api_id = '" . (int)$api_id . "', token = '" . $this->db->escape($token) . "', session_name = '" . $this->db->escape($session_name) . "', session_id = '" . $this->db->escape($session_id) . "', ip = '" . $this->db->escape($ip) . "', date_added = NOW(), date_modified = NOW()");

		return $token;
	}

In the above code , the token is generated with the token function and then by insert query , data is simply added to the database and token is returned to the caller function .