Javascript calling Turnkey rest
No edit summary
No edit summary
Line 5: Line 5:
To set allowed domains in TurnkeyCore there is a new setting in app_data/TurnkeySettings.xml file:
To set allowed domains in TurnkeyCore there is a new setting in app_data/TurnkeySettings.xml file:
  <CorsWithOrigins><nowiki>https://localhost:44387,https://localhost:1212</nowiki></CorsWithOrigins>
  <CorsWithOrigins><nowiki>https://localhost:44387,https://localhost:1212</nowiki></CorsWithOrigins>
To allow for specific domains in IIS Turnkey you need to fix the config file for the app, or the config file above the app.
To allow for specific domains in IIS Turnkey you need to fix the config file for the app, or the config file above the app as described in this article [[Cors]].


ViewModels with RestAllowed will check access groups - and most likely you will use the IsLoggedIn access group - and have SysSingleton.oclSingleton.CurrentUser in your ViewModel to access user specific data. In order for this to work you must ensure that the user is first logged into Turnkey
ViewModels with RestAllowed will check access groups - and most likely you will use the IsLoggedIn access group - and have SysSingleton.oclSingleton.CurrentUser in your ViewModel to access user specific data. In order for this to work you must ensure that the user is first logged into Turnkey

Revision as of 19:52, 15 September 2020

If your javascript is on the same domain there is no issue to call viewmodels exposed with Rest. But if it is from a cross domain your turnkey server needs to enable cors for the particular domains you will be calling from.

We cannot allow for every domain since that will not work with login credentials (web standards).

To set allowed domains in TurnkeyCore there is a new setting in app_data/TurnkeySettings.xml file:

<CorsWithOrigins>https://localhost:44387,https://localhost:1212</CorsWithOrigins>

To allow for specific domains in IIS Turnkey you need to fix the config file for the app, or the config file above the app as described in this article Cors.

ViewModels with RestAllowed will check access groups - and most likely you will use the IsLoggedIn access group - and have SysSingleton.oclSingleton.CurrentUser in your ViewModel to access user specific data. In order for this to work you must ensure that the user is first logged into Turnkey

We suggest one of the following scenarios to ensure user login:

  1. You put the url to your app on a turnkey page - and only show the url if the user is logged
  2. You send the user from your app to the Turnkey app and have a link on that page to redirect once logged in
  3. You have a Turnkey RestEnabled ViewModel without access group that can answer if the user is loggen in or not - so that you know if to send user to login pages

You may now call Turnkey from a valid origin with code like this:

<div>
    <input type="button" value="Try it" onclick="sendRequest()" />
    <span id='value1'>(Result)</span>
</div>

@section scripts {
    <script>
      var serviceUrl = 'http://localhost:5052/TurnkeyRest/Get?command=ViewModel1';
      function sendRequest() {

        $.ajax({
            type: "get",
            url: serviceUrl,
            xhrFields: { withCredentials: true }
        }).done(function (data) {
            debugger;
            $('#value1').text(data);
        }).fail(function (jqXHR, textStatus, errorThrown) {
            debugger;
            $('#value1').text(jqXHR.responseText || textStatus);
        });
        }
    </script>
}

If the TurnkeyServer have cors error it will just say "error", if the requested ViewModel has been blocked by AccessControlGroup it will say AccessDenied

Data returned is Json.

The xhrFields: { withCredentials: true } is important to reuse the session coookie from the user login.

This page was edited 47 days ago on 02/10/2024. What links here