android magento customer login(authentication) using using SOAP API

votes

i facing problem while i try to login(authentication) magento customer. i cant find proper way for login customer using there email and password. so, can u suggest me that how can i make authentication or login customer in magento store using SOAP API. i tried this code as given bellow

env.dotNet = false;
            env.xsd = SoapSerializationEnvelope.XSD;
            env.enc = SoapSerializationEnvelope.ENC;

            SoapObject request = new SoapObject(NAMESPACE, "login");

            request.addProperty("username", "xyz");
            request.addProperty("apiKey", "xyz");

            env.setOutputSoapObject(request);

            HttpTransportSE androidHttpTransport = new HttpTransportSE(URL);
            androidHttpTransport.debug = true;
            androidHttpTransport.call("", env);
            Object result = env.getResponse();

            Log.d("sessionId", result.toString());

            // making call to get list of customers

            String sessionId = result.toString();
            request = new SoapObject(NAMESPACE, "customerCustomerInfo");
            request.addProperty("sessionId", sessionId);
            request.addProperty("customerId", "2032");
            request.addProperty("email", "[email protected]");
            request.addProperty("password", "password");


            env.setOutputSoapObject(request);
            androidHttpTransport.call(SOAP_ACTION, env);
            androidHttpTransport.debug = true;
            result = env.getResponse();

            Log.d("Customer List", result.toString());

}

but it does not help me so is there any one who's have solution of my question.

Thank you....

androidmagentosoap

4 Answers

votes

There is no direct option for login the customer to magento.The password you retrieve from API is hash_password and you cant check the equality of password. But you can use the method explained below to login into magento.

Create an external php file and access the magento login there

require_once('../magentosite/app/Mage.php'); //Path to Magento umask(0); Mage::app();

$id = 1;

try{ $result = Mage::getModel('customer/customer')->setWebsiteId($id)->authenticate($email, $password); }catch( Exception $e ){ $result = false; }
Send the username and password from android to that php page using JSON,and get the "result".
if the result is "true" the username and password exist in the DB.

votes

Actually you can check/login user using SOAP, you just need to extend it a little bit. At app/code/core/Mage/Customer/Model/Customer/Api.php add new function

public function login($email, $password){
        /** @var $session Mage_Customer_Model_Session */
        $session = Mage::getSingleton( 'customer/session' );
        Mage::app()->getStore()->setWebsiteId(1);
        try
        {
            $session->login( $email, $password );
            $customer = $session->getCustomer();

            return json_encode(array('status' => 'OK', 'userData' => $this->info($customer->getId())));
        }
        catch( Exception $e )
        {
            return json_encode(array('status' => 'error', 'message' => $e->getMessage()));
        }
    }

At app/code/core/Mage/Customer/etc/api.xml

<config>
<api>
    <resources>
        <customer translate="title" module="customer">
         <methods>
        ...
               <login translate="title" module="customer">
                    <title>Login customer</title>
                    <acl>customer/login</acl>
                </login>

also at the end

        <acl>
        <resources>
            <customer translate="title" module="customer">
            ...
            <login translate="title" module="customer">
                    <title>Login</title>
            </login>

And here you can test yout login function

<?php
$host = "http://youmagentohost/index.php";
$client = new SoapClient($host."/api/soap/?wsdl"); //soap handle
$apiuser= "apiuser"; //webservice user login
$apikey = "apikey"; //webservice user pass
$action = "customer.login";
try {

    $sess_id= $client->login($apiuser, $apikey);
    $params = array('email'=>'[email protected]', 'password'=>'password');

    print_r($client->call($sess_id, $action, $params));
}
catch (Exception $e) { //while an error has occured
    echo "==> Error: ".$e->getMessage();
    exit();
}
?>

Its not nice solution but its better than nothing. Don't forget to rewrite all core files ;)

votes

Actually you can check/login user using SOAP At app/code/core/local/Envato/Masterapi/etc/api.xml

<?xml version="1.0"?>
<config>
  <api>

    <resources>

      <masterapi_loginmodel translate="title" module="masterapi">
        <model>masterapi/loginmodel_api</model>
        <title>Demo Custommoduleapi API</title>
        <acl>masterapi/loginmodel</acl>
        <methods>
         <!-- <list translate="title" module="masterapi">
            <title>List of masterapi</title>
            <method>clogin</method>
          </list> -->
          <customerlogin translate="title" module="masterapi">
           <title>List of masterapi</title>
          </customerlogin>

        </methods>
      </masterapi_loginmodel>




    </resources>


    <resources_alias>
      <loginmodel>masterapi_loginmodel</loginmodel>

    </resources_alias>

    <v2>
      <resources_function_prefix>
         <loginmodel>masterapiLoginmodel</loginmodel>

      </resources_function_prefix>
    </v2>

    <acl>
      <resources>
        <masterapi translate="title" module="masterapi">
          <title>Loginmodel</title>
          <sort_order>5</sort_order>
          <loginmodel translate="title" module="masterapi">
            <title>loginmodel data</title>
          </loginmodel>


        </masterapi>

      </resources>
    </acl>
  </api>
</config>

At app/code/core/local/Envato/Masterapi/etc/config.xml

 <?xml version="1.0"?>
    <config>
      <modules>
        <Mycustom_Masterapi>
          <version>1.0</version>
        </Mycustom_Masterapi>
      </modules>
      <global>
        <models>
          <masterapi>
            <class>Mycustom_Masterapi_Model</class>
          </masterapi>
        </models>
        <helpers>
          <masterapi>
            <class>Mycustom_Masterapi_Helper</class>
          </masterapi>
        </helpers>
      </global>
    </config>

At app/code/core/local/Envato/Masterapi/etc/wsdl.xml

<?xml version="1.0" encoding="UTF-8"?>
<definitions xmlns:typens="urn:{{var wsdl.name}}" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
  xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns="http://schemas.xmlsoap.org/wsdl/"
  name="{{var wsdl.name}}" targetNamespace="urn:{{var wsdl.name}}">

  <types>
    <schema xmlns="http://www.w3.org/2001/XMLSchema" targetNamespace="urn:Magento">
      <import namespace="http://schemas.xmlsoap.org/soap/encoding/" schemaLocation="http://schemas.xmlsoap.org/soap/encoding/" />
      <complexType name="fieldInfo">
        <sequence>
          <element name="entity_id" type="xsd:string"/>
          <element name="name" type="xsd:string"/>
        </sequence>
      </complexType>
      <complexType name="fieldInfoArray">
        <complexContent>
          <restriction base="soapenc:Array">
            <attribute ref="soapenc:arrayType" wsdl:arrayType="typens:fieldInfo[]" />
          </restriction>
        </complexContent>
      </complexType>




    </schema>
  </types>

  <message name="masterapiLoginmodelListRequest">
    <part name="sessionId" type="xsd:string" />
    <part name="user" type="xsd:string" />
     <part name="pass" type="xsd:string" /> 
  </message>

  <message name="masterapiLoginmodelListResponse">
    <part name="customlogin" type="xsd:string" />
  </message>



  <portType name="{{var wsdl.handler}}PortType">
    <operation name="masterapiLoginmodelCustomerlogin">
      <documentation>List of masterapi</documentation>
      <input message="typens:masterapiLoginmodelListRequest" />
      <output message="typens:masterapiLoginmodelListResponse" />
    </operation>



  </portType>





  <binding name="{{var wsdl.handler}}Binding" type="typens:{{var wsdl.handler}}PortType">
    <soap:binding style="rpc" transport="http://schemas.xmlsoap.org/soap/http" />
    <operation name="masterapiLoginmodelCustomerlogin">
      <soap:operation soapAction="urn:{{var wsdl.handler}}Action" />
      <input>
        <soap:body namespace="urn:{{var wsdl.name}}" use="encoded" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" />
      </input>
      <output>
        <soap:body namespace="urn:{{var wsdl.name}}" use="encoded" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" />
      </output>
    </operation>



  </binding>



  <service name="{{var wsdl.name}}Service">
    <port name="{{var wsdl.handler}}Port" binding="typens:{{var wsdl.handler}}Binding">
      <soap:address location="{{var wsdl.url}}" />
    </port>
  </service>
</definitions>

At app/code/local/Mycustom/Masterapi/Model/Loginmodel/Api.php

<?php
// app/code/local/Mycustom/Masterapi/Model/Loginmodel/Api.php
class Mycustom_Masterapi_Model_Loginmodel_Api 
{
  public function customerlogin($user,$pass)
  {

  /** @var $session Mage_Customer_Model_Session */
        $session = Mage::getSingleton( 'customer/session' );
        Mage::app()->getStore()->setWebsiteId(1);
        try
        {
            $session->login( $user, $pass);
            $customer = $session->getCustomer();

            return  json_encode(array('status' => 'valid', 'userData' => $customer->getId()));
        }
        catch( Exception $e )
        {
            return  json_encode(array('status' => 'invalid', 'userData' => $e->getMessage()));
        }



  }
}

At /app/code/local/Mycustom/Masterapi/Model/Loginmodel/Api/V2.php

<?php
//app/code/local/Envato/Customapimodule/Model/Product/Api/V2.php
class Mycustom_Masterapi_Model_Loginmodel_Api_V2 extends Mycustom_Masterapi_Model_Loginmodel_Api
{
}

IN android side : call soap request :

      properties.put("sessionId", sessionId);
                properties.put("user", "[email protected]"); 
                properties.put("pass","pass");
           request = new SoapObject(NAMESPACE, "masterapiLoginmodelCustomerlogin");
 env.setOutputSoapObject(request);
        androidHttpTransport = new HttpTransportSE(URL);
        androidHttpTransport.call("", env);

votes

The simplest way to login as a customer is:

fetch email id of all customer
match it with entered email id
if it match, fetch hash password
split the hash password with ":"
encrypt the entered password with md5 method. MD5 method requires to string, one is "salt"(that is string in hash password after ":") and other entered password.
match the output of MD5 and the hash password (value before ":" )

Here is the code:

email = "[email protected]";
string_password = "xyz@123";
request = new SoapObject(NAMESPACE, "customerCustomerList");
request.addProperty("sessionId",sessionId );            
env.setOutputSoapObject(request);
androidHttpTransport.call("urn:Magento/customerCustomerList", env);
SoapObject response =  (SoapObject) env.getResponse();      

for(int i=1;i<lengthofResponse;i++)
{                         

   SoapObject  CustomerList = (SoapObject)response.getProperty(i);                        
   Object email_id=CustomerList.getProperty(6);
   int CustomerList_length = CustomerList.getPropertyCount();
   Object password=CustomerList.getProperty((CustomerList_length));
   selected_email_ids.add(email_id.toString());
   response_password=(password.toString().split(":"));
   selected_password.add(response_password[0]);     
   selected_salt.add(response_password[1]);     
   //comparing password                  
   if(email.equals(selected_email_ids.get(j)))
   {
        System.out.println("Email is currect");
        hash = md5( response_password[1] + string_password);
        if(hash.equals(selected_password.get(j)))
        {
            System.out.println("Welcome");
        }
    }                                                   
}