RestAPI Integration

Hello,

My client already has an app created which is working with Wordpress API.

Its a Dumb App, and does basic communication, It can GET and POST, it cannot update an existing entry[May be by POST I can do edits] and has Basic authentication mechanics where in the start it will check if the username and password is valid and it will let the user “OPEN” the app pages only otherwise there is no communication based on authorization that can happen.

The App has a backend but can only use HTMLized or JSON or AJAX[Kind off an html way] to communicate with the server side.

What would be a recommended method to get it working with ERPNext?

1 - I am thinking of using AJAX on all pages of the App where database communication is needed.
2 - Remove the Authentication requirement in REST-API of Frappe.[I know it will be dangerous to do it, Client doesnt plan to keep any sensitive information in ERPNext setup]

Please share some ideas on working with this setup thanks.

-Vimal

Do you plan to move backend from Wordpress to Frappe?

If you can change code of this app use OAuth 2.0 for making authorized requests as the user instead of removing Authentication.

https://frappe.io/docs/user/en/guides/integration/using_oauth

if your app is hosted on another domain you may encounter issues related to CORS

refer Access-Control-Allow-Origin Error for jquery $.ajax call - #11 by revant_one


This is what i can add to the app, on the app pages which is calling the json data.

Frappe is the backend already. . . But they dont want to pull down the app and want to work with this app only.

So the app is pulling some data from the wordpress installation and I have managed to get them use ERPNext from now on for anything in future, So the app has to pull some information from a ERPNext installation like a list of tasks.

I think the app can be used to pass the bearer token.
But the token will expire after 1 hour.

on frappe server, you can manually create tokens for users and set expiry date to longer period (100 years).

If you could manage to refresh the token that will be the ideal thing to do.

1 Like

Thats an interesting suggestion.

I will try to implement it and see if it works.