You have been redirected from an outdated version of the article. Below is the content available on this topic. To view the old article click here.
The response keyword returns a reference to the current output stream of the HTTP response that is sent to the client when the rendering process is finished.
The response keyword can be used in the special functions create_jar_file() and exec_binary() to allow direct streaming of binary data from a StructrScript to the client. See also Creating non-HTML output.
The response keyword returns a reference to the current output stream of the HTTP response that is sent to the client when the rendering process is finished.
The response keyword can be used in the special functions create_jar_file() and exec_binary() to allow direct streaming of binary data from a StructrScript to the client.
Sets the response code of the current rendering run. Very useful in conjunction with set_response_header() for redirects.
set_response_code(value)
Sets the value of the HTTP response header with the given name to the given value. This method can be used to set and/or override HTTP response headers in the Structr server implementation to control certain aspects of browser / client behaviour.
set_response_header(name, value)
set_response_header(name, value [, override]) // New in v.3.6
// get all required elements
const loginForm = document.getElementById('login-form');
const emailInput = document.getElementById('email');
const passwordInput = document.getElementById('password');
const loginButton = document.getElementById('login-button');
loginForm.addEventListener('submit', async (event) => {
event.preventDefault();
loginButton.disabled = true;
// get from values
const email = emailInput.value;
const password = passwordInput.value;
// login
const response = await fetch('/structr/rest/login', {
method: 'POST',
body: JSON.stringify({
eMail: email,
password: password
})
});
if (response.status === 202) {
let redirectUrl = response.headers.get('twoFactorLoginPage')
+ '?token=' + response.headers.get('token')
+ '&qrdata=' + (response.headers.get('qrdata') ?? '');
window.location.href = redirectUrl;
} else {
if (response.ok) {
loginButton.textContent = 'Login successful';
window.location.href = '/';
} else {
loginButton.disabled = false;
loginButton.textContent = 'Wrong username or password.';
window.setTimeout(function() {
loginButton.value = 'Login';
loginButton.disabled = false;
}, 2000);
}
}
});
The Hypertext Transfer Protocol (HTTP) is a stateless communication protocol that is based on the exchange of plain text messages (request and response). A request message consists of a request line that contains the HTTP method, the URL of the requested resource (request URL) and HTTP version, a list of key-value pairs (request headers), and an optional request body. A response message consists of a response line with the HTTP status code, a list of response headers, and an optional response body.
A schema method can return any value (including null, which results in an empty response object). Non-empty return values will be transformed to JSON objects and returned in the response. If the method runs without errors, the response status code is 200 OK and the response body contains the JSON result of the method.
The HEAD method can be used to get information about the contents of the location in the request URL, without transferring the actual response body. Structr will simply return all the response headers of a GET request, but no response body.
| pdfservlet.defaultview | Default view to use when no view is given in the URL. |
| pdfservlet.outputdepth | Maximum nesting depth of JSON output. |
| pdfservlet.resolveproperties | Specifies the list of properties that are be used to resolve entities from URL paths. |
| pdfservlet.customresponseheaders | List of custom response headers that will be added to every HTTP response. |
| htmlservlet.defaultview | Default view to use when no view is given in the URL. |
| htmlservlet.outputdepth | Maximum nesting depth of JSON output. |
| htmlservlet.resolveproperties | Specifies the list of properties that are be used to resolve entities from URL paths. |
| htmlservlet.customresponseheaders | List of custom response headers that will be added to every HTTP response. |
<div id="qrimage-wrapper">
<img id="qrimage" style="margin-left: calc(50% - 100px);">
<div>To use two factor authentication, scan this QR code with an authenticator app on your smartphone.</div>
<div class="text-sm mt-6">
<div>
<b>Android: </b>
<a class="cursor-pointer hover:text-blue-400 text-blue-700" href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en&gl=US">Google Authenticator</a> on Google Playstore
</div>
<div>
<b>Apple iOS: </b>
<a class="cursor-pointer hover:text-blue-400 text-blue-700" href="https://apps.apple.com/us/app/google-authenticator/id388497605">Google Authenticator</a> on App Store
</div>
</div>
</div>
<form action="#" id="twoFactorForm">
<input id="twoFactorToken" type="hidden" value="${request.token}">
<div class="my-6">
<label class="block text-sm font-medium leading-5 text-gray-700">Two Factor Code</label>
<input id="twoFactorCode" class="appearance-none block w-full px-3 py-2 bg-blue-100 border border-gray-300 rounded-md placeholder-gray-400 focus:outline-none focus:shadow-outline-blue focus:border-blue-300 transition duration-150 ease-in-out sm:text-sm sm:leading-5">
</div>
<button type="submit" id="login-button" class="w-full flex justify-center py-2 px-4 border border-transparent text-sm font-medium rounded-md text-white bg-blue-600 hover:bg-blue-500 focus:outline-none focus:border-blue-700 focus:shadow-outline-indigo active:bg-blue-700 transition duration-150 ease-in-out">Login</button>
</form>
<script>
document.addEventListener('DOMContentLoaded', () => {
// get all required elements
const qrimageWrapper = document.getElementById('qrimage-wrapper');
const token = document.getElementById('twoFactorToken').value;
const codeInput = document.getElementById('twoFactorCode').value;
const loginButton = document.getElementById('login-button');
let qrdata = (new URLSearchParams(location.search)).get('qrdata');
if (!qrdata) {
// remove qr code placeholder if user is not shown qr code
qrimageWrapper.remove();
} else {
// transform url-safe qr code to regular base64 to display as image
qrimageWrapper.querySelector('#qrimage').src = 'data:image/png;base64, ' + qrdata.replaceAll('_', '/').replaceAll('-', '+');
}
document.getElementById('twoFactorForm').addEventListener('submit', async (event) => {
event.preventDefault();
loginButton.disabled = true;
const response = await fetch('/structr/rest/login', {
method: 'POST',
body: JSON.stringify({
twoFactorToken: token,
twoFactorCode: codeInput
})
});
if (response.ok) {
loginButton.textContent = 'Login successful';
window.location.href = '/';
} else {
let buttonText = 'Login failed - is device time correct?';
let reason = response.headers.get('reason');
if (reason === 'wrongTwoFactorCode') {
buttonText = 'Two Factor Code is not correct';
}
loginButton.disabled = false;
loginButton.textContent = buttonText;
window.setTimeout(function() {
loginButton.textContent = 'Login';
loginButton.disabled = false;
}, 2000);
}
});
});
</script>
Entity endpoints can be used to fetch the contents of a single object (using a GET request), to update an object (using PUT), or to delete an object (DELETE). Entity endpoints can also be used to execute schema methods. Access to entity endpoints and the corresponding responses are a little bit different to those of collection endpoints. The URL usually ends with a UUID, or with the name of method to be executed, and the response object contains only a single object instead of a collection.
The OPTIONS method can be used to collect information about the capabilities of an endpoint, without requesting actual content or invoking an action on the server. Structr will simply return all the response headers and an empty result object in response to an OPTIONS request.
In case of an error (syntax error, data error, call to the error method or failed assert calls), the response status code is the corresponding error code (401, 403, 404, 422 etc.) and the response body contains an error object.
If a request causes an error on the server, Structr responds with a corresponding HTTP status code and an error response object. You can find a list of possible status codes in the Troubleshooting Guide. The error response object looks like this.
The response of a maintenance command will always be 200 OK with an emtpy response object. Most commands will send their log output to the structr log file.
Note that the -i flag in the above curl command line causes the HTTP response headers to be printed, so we can examine the response.
| httpservice.gzip.enabled | Enables GZIP compression for HTTP transfers. |
| httpservice.async | Enables asynchronous request handling for the HttpService. Disable this option, if you encounter problems with HTTP responses. |
| httpservice.sni.required | Enables strict SNI enforcement for the HttpService. |
| httpservice.sni.hostcheck | Enables SNI host check. |
| json.indentation | Whether JSON ouput should be indented (beautified) or compacted. |
| html.indentation | Whether the page source should be indented (beautified) or compacted. Note: Does not work for template/content nodes which contain raw HTML. |
| ws.indentation | Whether websocket responses should be beautified. |
| application.session.timeout | The session timeout in seconds for HTTP sessions. |
| application.session.max.number | Maximum number of session per user. Defaults to -1 (unlimited). |
| application.session.clear.onstartup | If set to true, all sessions will be cleared during startup. |
| application.session.clear.onshutdown | If set to true, all sessions will be cleared during shutdown. |