phpcurlmagentosoapmagento-soap-api

PHP Magento soap login call returns empty session id

If I make a call to magento's SOAP webservice using curl it returns a session id:

The call:

curl -vkS --data-binary @login.xml https://environment.dev/index.php/api/v2_soap/index

My login.xml:

<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" 
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
    <soap:Body>
        <loginParam xmlns="urn:Magento">
            <username xmlns="">test</username>
            <apiKey xmlns="">123456</apiKey>
        </loginParam>
    </soap:Body>
</soap:Envelope>

The result:

<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns1="urn:Magento">
    <SOAP-ENV:Body>
        <ns1:loginResponseParam>
            <result>da8a07fb2b28edfdcfd1e6436aba6a8a</result>
        </ns1:loginResponseParam>
     </SOAP-ENV:Body>
</SOAP-ENV:Envelope>

And the string inside the result tag is the session id.

Now, If I try to get the session id programmatically with:

$login = Mage::getModel('api/user')->login('test', '123456');

And the result var_dump($login):

protected $_data =>   array(13) {
    'user_id' =>
    string(1) "3"
    'firstname' =>
    string(4) "test"
    'lastname' =>
    string(4) "test"
    'email' =>
    string(17) "test@devenv.com"
    'username' =>
    string(4) "test"
    'api_key' =>
    string(65) "54a919b24f9bbaba5aa6b93c22705b7c:l53rKBtY57W42aCMbXfUi9SPNNIiLf4G"
    'created' =>
    string(19) "2017-06-06 13:08:36"
    'modified' =>
    string(19) "2017-06-06 13:10:53"
    'lognum' =>
    string(2) "16"
    'reload_acl_flag' =>
    string(1) "0"
    'is_active' =>
    string(1) "1"
    'sessid' =>
    NULL
    'logdate' =>
    string(19) "2017-06-08 14:25:15"

which has all data filled except sessid that is NULL.

Any hints on why it works with curl but not with magento method call?

Solution

  • Disclaimer: I hate Magento! It is simply not friendly to do what you want to do (trying to write tests, uhum?). The best solution for your issue, IMHO, is to use something else for your application.

    While you can't change your situation, here goes the solution.

    It turns out you are trying to get the session id from the wrong model. The session id is not generated by api/user model (Mage_Api_Model_User) but by the api/session model (Mage_Api_Model_Session) and this model demands some preparation to hold a valid session.

    Here is how you can get a valid session id (assuming that you already bootstrapped the app, of course):

    $session = Mage::getSingleton('api/session');
$session->init('api', 'api');
$session->login('test', '123456');
$sessionId = $session->getSessionId();

    Notice the $session->init('api', 'api'). This is the line that generates a new session id, but it won't be valid until the correct credentials are passed to the login ($session->login('username', 'password')).