Difference between revisions of "API"

From ZoneMinder Wiki
Jump to navigationJump to search
Line 51: Line 51:
the server will pass <code>/host/getVersion.json</code> to /zm/api/index.php, and index.php will do its black
the server will pass <code>/host/getVersion.json</code> to /zm/api/index.php, and index.php will do its black
magic to get the ZM version. This is because if you try to navigate directly to <code>http://serverip/zm/api/host/getVersion.json</code>
magic to get the ZM version. This is because if you try to navigate directly to <code>http://serverip/zm/api/host/getVersion.json</code>
you will get a 404, because there is no such file in <code>/www/api/app/webroot</code>. How this is handled in the
(without a rewrite rule in place) you will get a 404, because there is no such file in <code>/www/api/app/webroot</code>. How this is handled in the
web servers is there is a rewrite rule (not an alias this time) that takes anything that is /zm/api-whatever (the
web servers is there is a rewrite rule (not an alias this time) that takes anything that is /zm/api-whatever (the
regex covers everything after /zm/api) and changes it to /zm/api/index.php. Then this index.php handles the request.
regex covers everything after /zm/api) and changes it to /zm/api/index.php. Then this index.php handles the request.

Revision as of 22:09, 4 November 2022

This is community documentation for the API. To see official documentation, review zoneminder.readthedocs.org

Test API is Working (1.32+)

Use this command if you've enabled authentication.

curl -X POST -d "user=somename&pass=somepass" http://serverip/zm/api/host/getVersion.json

Make sure all of this is included. It is not necessary to use login.json before running this command. The ampersand must be between user and pass. If you aren't using authentication then use the following:

curl -X GET http://serverip/zm/api/host/getVersion.json

SSL Configuration

Related to the API, if you wish to have some encryption, refer to /etc/apache2/ports.conf You will see that it requires the ssl module, and the symbolic link.

a2enmod ssl

Add the symbolic link for /etc/apache2/sites-available/default-ssl.conf to sites-enabled.

And uncomment / enable SSLEngine, SSLCertificateKey, and SSLCertificateKeyFile in /etc/apache2/sites-available/default-ssl.conf.

You may optionally want to generate a new SSL key.

Setting up self signed SSL certs for apache2 is a common sysadmin task that will not be covered in this guide. Search online for more info.

Configuring CakePHP for "x webserver"

Having recently setup the API for lighttpd, I found the following was necessary in order to get it to work properly. Maybe this information will assist someone else who isn't using Apache / Nginx / Lighttpd as the configuration should be similar for any webserver that supports PHP, aliases and rewrites.

First off the webroot for zm may look something like this:

/usr/share/zoneminder/www$ ls
ajax  css    graphics  index.php  lang        skins  vendor
api   fonts  includes  js         robots.txt  tools  views

What you need to know is that the api is NOT at /usr/share/zoneminder/www/api but in fact is located at

/usr/share/zoneminder/www/api/app/webroot

So clients to the webserver will navigate to yourserverip/zm/api but the webserver will deliver yourserverip/www/api/app/webroot assuming that www == zm. (in apache, this is handled by /etc/apache2/conf-available/zoneminder.conf with Alias /zm /usr/share/zoneminder/www) The API is handled in a similar manner. Instead of aliasing /zm to /usr/share/zoneminder/www/ there will be an alias from /zm/api to /usr/share/zoneminder/www/api/app/webroot. Yes, it is confusing that there is a folder named API that is NOT the API, when in fact the webroot folder is the API. Don't ask me. I didn't design it. Apache doesn't help with its verbose configuration, compared to the leaner config found in lighttpd which is more intuitive.

So now we have the following

requests to myserver/zm  go to /usr/share/zoneminder/www/
requests to myserver/api go to /usr/share/zoneminder/www/api/app/webroot

The final thing you need to understand is that CakePHP has a single index.php file that does all the work for the API. So when you request http://serverip/zm/api/host/getVersion.json what is actually happening is that the server will pass /host/getVersion.json to /zm/api/index.php, and index.php will do its black magic to get the ZM version. This is because if you try to navigate directly to http://serverip/zm/api/host/getVersion.json

(without a rewrite rule in place) you will get a 404, because there is no such file in /www/api/app/webroot. How this is handled in the

web servers is there is a rewrite rule (not an alias this time) that takes anything that is /zm/api-whatever (the regex covers everything after /zm/api) and changes it to /zm/api/index.php. Then this index.php handles the request.