Unable to login using the OpenEMR REST API

(system) #1

bikash4mgrmtech wrote on Saturday, September 14, 2013:

Hi all,

I am new to OpenEMR. I am just using the REST API from ‘http://github.com/medmasterpro/openemr’, but I am unable login using the REST API.
I have checked some other repo too (for REST API):-
GitHub - oemr501c3/openemr-api: Prototype API for OpenEMR - Contributed by Med Master Mobile. LLC to OEMR

I have dig into the code myself and found the problem is due to change in user password authentication scheme is changed.
‘users.password’ field is outdated and ‘users_secure.password’ & ‘users_secure.salt’ are used for login by clients using a web-browser.
So, I updated ‘login.php’ file for REST api login.

My question is , Is anybody already working on this issue? And if not where can I contribute my-patch as I have found 3 projects going on REST API.

Thanks in advance
Bikash Barman

(system) #2

bradymiller wrote on Saturday, September 14, 2013:


Here is the ongoing review with most current github branch of that code:

So, suggest working off the code there and then submitting your patch to that repo via github:

I have medmasterpro’s email somewhere in my box, so we can also email them to see if they are working on this ( send me an email to brady@sparmy.com ) also in case they miss this post.

This has been a huge code review, which is taking a long time (due to minimal resources of OpenEMR; medmasterpro has been great and is usually very fast to respond). Will be nice to get another developer involved to help move this project along.


(system) #3

bikash4mgrmtech wrote on Tuesday, September 17, 2013:


I have created a patch using git. ‘openemr-rest-api-login.patch’
I have an account in github.combikash4hcn · GitHub

Now, how do I donate this patch to ‘https://github.com/medmasterpro/openemr
Or, how do I communicate with medmasterpro

Anyway, I am attaching the patch with this post.

Thanks in advance
Bikash Barman

(system) #4

yehster wrote on Thursday, September 19, 2013:

I have added a simple function to allow validation of user id and password with the new password/salting scheme. This function will allow confirmation of password in other scenarios as well. (such as verification of password when "locking’ a note).

(system) #5

bradymiller wrote on Sunday, September 22, 2013:

Hi Bikash,

Just sent an email to Medmaster Pro folks and cc’s you on it. To get code into that repo, suggest placing it on your github repo in a separate branch and then doing a pull request on github:


(system) #6

ashutoshw007 wrote on Tuesday, June 23, 2015:

Hi Bikash,
I have the same issue with login.
Can you please tell me how to use your this patch for logging in to openemr.
I unable to find any helpful answers on the forum even.

(Cornelius Lee) #7

Hi Brady and all,

I am trying to test the APIs listed in the following:

However, I can’t seem to be able to obtain a correct response.

Can anyone advise me on this, please?


(Brady Miller) #8

Hi @cornelius80 ,

Here’s a couple commands I use on API as examples of use:

curl --insecure -X POST -H 'Content-Type: application/json' 'https://localhost:9082/apis/api/auth' \
-d '{
    "username": "YDS-admin-31",
    "password": "YDS-admin-31",
curl --insecure -X GET 'https://localhost:9082/apis/api/facility' \
  -H 'Authorization: Bearer q52JwjcRadsPK7TuH46XR4XGXDufaUYq6f656d7264656661756c74'
curl --insecure -X GET 'https://localhost:9082/apis/api/patient' \
  -H 'Authorization: Bearer CtKejlZzaqBWCv3m5XElOq616t9RyrQH6f656d7264656661756c74'