passwordlessapi
YOURLS允许API调用的老式的方法,使用用户名和密码参数(如果你的设置是私人的,很明显)。如果担心将证书发送到野外,还可以使用秘密签名令牌进行API调用。
签名的令牌
你的秘密签名的令牌将被一个这样的字符串 1002a612b4
一个秘密签名令牌是唯一的,与一个帐户关联,并且只能用于API请求。你会在你的页面找到它安装工具YOURLS。
注意:不能在工具页面看到这个签名吗?这可能是因为你安装的是公共。因此,不使用登录和密码来使用它。因此,没有使用签名令牌而不是登录/密码对。
签名令牌的使用
在你的API请求使用参数签名。例子:
http://yoursite/yourls-api.php?signature=1002a612b4&action=...
限时签名令牌的使用
您可以只在短时间内创建签名令牌(默认情况下一小时)。
首先,工艺时间有限的签名标记:
1 <?php 2 $timestamp = time(); 3 $signature = md5( $timestamp . '1002a612b4' ); 4 5 // 用你自己的秘密签名令牌替换。实例结果: 6 // Replace with your own secret signature token. Example result: 7 // $signature = "ed8d12124fc7916b00e3ecd7dc2c1d6a" 8 9 ?>
现在在API请求中使用参数签名和时间戳。例子:
HTTP:+网站+yourls-api.php?+时间戳的时间戳和签名+签名+=…
http://yoursite/yourls-api.php?timestamp=$timestamp&signature=$signature&action=...
这个URL被有效期只有43200秒(12小时),常yourls_nonce_life默认值。
修改这个时间,添加以下你的config.php:
定义(“yourls_nonce_life ',number_of_seconds);
(注意这也影响所有YOURLS如激活插件的内部链接删除短网址,等..)
重置您的秘密签名令牌
如果因为某些原因你需要重置你的签名(即生成一个新的,以前的签名无效),简单地修改你的yourls_cookiekey config.php常数
PasswordlessAPI
YOURLS allows API calls the old fashioned way, using username and password parameters (if your setup is private, obviously). If you're worried about sending your credentials into the wild, you can also make API calls using a secret signature token.
Signature token
Your secret signature token will be a string like 1002a612b4
A secret signature token is unique, associated to one account, and can be used only for API requests. You will find it in the Tools page of your YOURLS install.
NB: Can't see this signature on the Tools page? It's probably because your install is public. Therefore, you don't use a login and password to use it. Therefore there's no signature token to be used instead of a login/password pair.
Usage of the signature token
Use parameter signature in your API requests. Example:
http://yoursite/yourls-api.php?signature=1002a612b4&action=...
Usage of a time limited signature token
You can create signature token valid for a short period only (one hour by default)
First, craft the time limited signature token:
<?php
$timestamp = time();
$signature = md5( $timestamp . '1002a612b4' );
// Replace with your own secret signature token. Example result:
// $signature = "ed8d12124fc7916b00e3ecd7dc2c1d6a"
?>
Now use parameters signature and timestamp in your API requests. Example:
http://yoursite/yourls-api.php?timestamp=$timestamp&signature=$signature&action=...
This URL would be valid for only 43200 seconds (12 hours), the default value of constant YOURLS_NONCE_LIFE .
To modify this duration, add the following to your config.php :
define( 'YOURLS_NONCE_LIFE', number_of_seconds );
(note this also affect all the internal links of YOURLS such as the ones to activate a plugin, delete a short URL, etc...)
Reset your secret signature token
If for some reason you need to reset your signature (ie to generate a new one while making previous signature inoperative), simply modify the YOURLS_COOKIEKEY constant in your config.php