Bitrix controllers: how to access cart methods for unauthorized users?

S

Sergey Chazov2019-12-08 12:19:08

1C-Bitrix

Sergey Chazov, 2019-12-08 12:19:08

I am writing a module that implements an API for interacting with the cart (the cart itself will be on react). I have methods for adding items to cart, removing items, listing, etc. for tests, I started the test.php page, on which methods from my module are called like this:

<button onclick="f1()">ADD</button>

function f1() {
            let request = BX.ajax.runAction('mymodulename:controllers.sale.basketitem.add',
                {
                    data: {
                        productId: 303,
                        quantity: 1,
                    }
                }
            );
            request.then(function(response) {
                console.log(response);
            });
        }

And it works. BUT. Only when I am logged in to the site. If I'm not authorized, it requires authorization. I thought it was the cart methods. And I wrote methods for authorization on the site. But it also shaves requests to these methods and requires ... to log in))))

Someone may have come across this garbage? In the standard basket component, this is definitely implemented without authorization .. but there are such wilds. I haven't figured it out yet..

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

S

Sergey Chazov, 2019-12-11
@chazovs

In general, the answer turned out to be to create a special method in the class:

public function configureActions(): array
    {
        return [
           'update' => [
                '-prefilters' => [
                    Authentication::class,
                ],
            ],
        ];
    }

And in this method, disable the authorization check. in the same method, you can also disable the csrf check. Or you can just pass with JS
sessid: BX.bitrix_sessid(),