1

Topic: Rest API

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 0.9.9
- Deployed with iRedMail Easy or the downloadable installer? download plus updates
- Linux/BSD distribution name and version: Debian 9.9
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MariaDB
- Web server (Apache or Nginx):Nginx
- Manage mail accounts with iRedAdmin-Pro? yes v3.4
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
Hi,

as I am having problems with creating user accounts trough the web interface, I started playing with API.

I enabled RESTful API as of https://docs.iredmail.org/iredadmin-pro … estful-api
I restartet nginx and uwsgi as directed.

I am trying my luck with curl to start with...

But even login fails with "not found". Calling the URL in the browser also gives an empty page with the text "not found".

curl -X POST -c cookie.txt -d "username=postmaster@<mydomain>&password=<pw>" https://<myserver>/iredadmin/api/login

https://<myserver>/iredadmin/ gets me to the login of my web ui.

pls help, thx

2

Re: Rest API

as the python example uses http instead of httpS, I tried this, too.

Login now gives an html response of "found" and creates a cookie.txt

<html>
<head><title>302 Found</title></head>
<body bgcolor="white">
<center><h1>302 Found</h1></center>
<hr><center>nginx</center>
</body>
</html>

But adding a user gives the following. No user is added

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 15 May 2019 09:34:25 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: https://<myserver>/iredadmin/api/user/<eMailToAdd>

<html>
<head><title>302 Found</title></head>
<body bgcolor="white">
<center><h1>302 Found</h1></center>
<hr><center>nginx</center>
</body>
</html>

3

Re: Rest API

Please restart "iredadmin" service and try again.

----

Does my reply help a little? How about buying me a cup of coffee ($5) as an encouragement?

buy me a cup of coffee

4

Re: Rest API

That helps. May I suggest to add this to the docs?

Next I tried to add a user. The curl example does not include a PW which is not accepted by the service. Adding a PW, I get PW_SHORTER_THAN_MIN_LENGTH

curl -X POST -i -b cookie.txt -d "cn=Kontakt&mailQuota=1024&password=AsTr0ng@9whfjkshfksjdfsd" https://<myserver>/iredadmin/api/user/<email2add>

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 15 May 2019 14:58:19 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: iRedAdmin-Pro-mysql=ece1daef86dcb69c32e787bf4911b5901f1b3f64; Path=/iredadmin/; httponly
Strict-Transport-Security: max-age=31536000

{"_success": false, "_msg": "PW_SHORTER_THAN_MIN_LENGTH"}

5

Re: Rest API

Jochen wrote:

That helps. May I suggest to add this to the docs?

Fixed.

Jochen wrote:

Next I tried to add a user. The curl example does not include a PW which is not accepted by the service. Adding a PW, I get PW_SHORTER_THAN_MIN_LENGTH

PW_SHORTER_THAN_MIN_LENGTH means your password is shorter than the required length. Do you have this requirement in global or per-domain password policy?

For global setting, you can go to "System -> Settings".
For per-domain setting, go to domain profile page, than click tab "Advanced".

----

Does my reply help a little? How about buying me a cup of coffee ($5) as an encouragement?

buy me a cup of coffee

6 (edited by Jochen 2019-05-29 23:42:33)

Re: Rest API

ZhangHuangbin wrote:

PW_SHORTER_THAN_MIN_LENGTH means your password is shorter than the required length. Do you have this requirement in global or per-domain password policy?

For global setting, you can go to "System -> Settings".
For per-domain setting, go to domain profile page, than click tab "Advanced".

This is at the defaults, I guess. Min 8 server wide and empty (as suggested to use server settings) on domain.

Max PW length is empty on both pages.

I tried very long passwords, does not work...


Setting a min PW length for the domain helps. So this is now a bug report. API calls to create a user do not correctly honor empty setting on domain.
Expected behaviour: if min pw field on domain is empty, server settings should be used
Seen behaviour: PW_SHORTER_THAN_MIN_LENGTH error thrown.