Support

Home Forums Event Espresso Premium Event Espresso Android and iPhone app

Event Espresso Android and iPhone app

Posted: December 1, 2020 at 9:42 am


SteveMBragg

December 1, 2020 at 9:42 am

Hi All

We are using the mobile app for this site: ntlbiologica.com/antibodytesting.

However we also have the Cleantalk anti spam app installed on the site and if this is active we cannot log in to the site using your app anymore. De-activate their plugin and all is fine.

Cleantalk are trying to de-big the issue and have asled me what the actual URL the mobile app is calling to do a site login.

I can see that the app is using the main web site URL but to login your app would need to calla login page, and it is this information that Cleantalk are seeking to find out to carry on their de-bugging.

Can you advise please

Regards

Steve B


Tony

  • Support Staff

December 1, 2020 at 3:17 pm

Hi Steve,

The app uses the WP REST API to communicate with the site and does so using the Basic Auth plugin.

So it doesn’t ‘login’ to a specific URL first but rather sends an authorization header on each request set to the site which is used for authentication.

The very first request sent from the app is to check if the site can load over HTTPS. So it sends a HTTP request to the domain and checks for a redirect. It then sends a HTTPS request to the domain and checks for response 200. Aftr that the request sent to /wp-json/ee/v4.8.36/site_info would be the first one where authentication is used.

That help?


SteveMBragg

December 4, 2020 at 9:23 am

Hi Tony/All

The Cleantalk team have come back to me with a response as follows:

[QUOTE]
Hello,

I’ve found the reason why it’s happening. Calling wp_get_current_user() under init hook breaks this plugin. I can’t tell you which plugin works incorrect right now, EventEspress or Cleantalk.

https://github.com/CleanTalk/wordpress-antispam/blob/b2c9488ec18535a55bfa65bb75971cf3aea6fbbd/cleantalk.php#L2075

I saw that you already contacted EventEspresso team, maybe we need to do this again to make this clear.

Best regards.


Extensions Development
Artyom Davydov
[UNQUOTE]

They have given a link and show where the code is being broken.

Are you able to help in this regard??

Regards

Steve B


Tony

  • Support Staff

December 9, 2020 at 5:47 am

Hi Steve,

I installed Clean Talk on a test site and didn’t have any issue logging into the app until I enabled Anti-Crawler setting.

What options do you have enabled on Clean Talk?

I’d like to test logging into the app and capture the request to see what is actually happening on those request, can you send me temp login details so I can take a look?

You can use this form to send the credentials: https://eventespresso.com/send-login-details/

Obviously, you’ll also need to enable Clean-Talk if you currently have it disabled.


SteveMBragg

December 9, 2020 at 7:04 am

Hi Tony

I have sent you login details

Steve


SteveMBragg

December 9, 2020 at 7:19 am

Hi Tony

I re-activted the Clean Talk plugin and checked the advanced settings. The SpamFirewall is switched off, to the Anti Crawl is also switched off.

When I try to login using your app on an iPad I get this error message:

<stong>ERROR:
Please solve Captcha correctly
The operation could not be completed, then repeat of the message above…..
[OK] (button).

I get the same error on my mobile phone (Xperia 5).

So I have had to disable it again.

Regards

Steve


SteveMBragg

December 9, 2020 at 7:50 am

Hi Tony

I’ve had to leave Cleantalk de-activated for the moment, so people can log in using the app but feel free to activate it when you need to do so for your tests.

Cheers

Steve


Tony

  • Support Staff

December 9, 2020 at 3:22 pm

Hi Steve,

So I logged into the site and the problem is not from Clean Talk plugin, it’s the Advanced noCaptcha & invisible Captcha plugin you have installed.

I’ve seen this before, only not on the REST requests and what’s happening is that plugin is hooking into ALL login requests and trying to validate a recaptcha response, which you simply can not do on within a REST request.

A simple fix would be to disable the Advanced Recaptcha on the login forms, that should allow both plugins to be enabled but will obviously disable the reCaptcha on your standard login forms. Another option is to look into hooking into the reCaptcha plugin and see if it has a hook available to bail out of the request if its REST.

Side note – in your form submission you mentioned we already have a login and I just want to clarify that we don’t keep login details for any longer than necessary so we actually don’t have a login. The credentials sent over will have been deleted as soon as whatever issue you previously submitted the details for was closed/resolved. If there is still an admin account active on the site for us I recommend removing it when finished, the login details are intended to be temporary as we do not want nor need constant access to anyone’s site.


SteveMBragg

December 9, 2020 at 3:31 pm

Hi Tony

OK. Need to look at this tomorrow.

Cheers
Steeve

The support post ‘Event Espresso Android and iPhone app’ is closed to new replies.

Have a question about this support post? Create a new support post in our support forums and include a link to this existing support post so we can help you.

Support forum for Event Espresso 3 and Event Espresso 4.
Documentation for EE3 and EE4
Documentation for Event Espresso 3 Documentation for Event Espresso 4

Status: closed

Updated by  SteveMBragg 2 months, 2 weeks ago ago

Topic Tags

Notifications

This topic is: not resolved
Do NOT follow this link or you will be banned from the site!