Getting API Key - developing new plugin


I’m writing a plugin for a web service where there is a request you make initially with your username and password for the site and it sends you back a User ID and secret, which you are then meant to store and use for future requests.

Any ideas how to do that in a grav plugin? There don’t seem to be any events available for when someone edits the configuration via the admin plugin. Also I can’t see a way of writing to the config files from a plugin, otherwise I could maybe save the username and password to the config file and then change that to the user ID and secret when the user first accesses a page that needs the plugin (although that still means their username and password would be saved to the disk until such time as they use a page).

Any suggestions on how to handle this one? I notice that the instagram and Facebook plugins don’t really provide a user friendly way of getting the API keys need, so maybe it’s an are that needs improving in Grav itself?



@graf I once created a plugin (unfinished and unpublished) to migrate WordPress to Grav. The user needed to be authenticated using OAuth.

In short, the logic of my solution looks like the following:

  1. PHP sends page containing Javascript to the user
  2. Javacript in turn:
    • Handles exchanging authentication data with OAuth server
    • Stores received Key/Secret in localStorage of browser
    • Calls API and sends results to PHP using Ajax
  3. PHP processes results.

Hope this helps…