API cannot read Authentication Headers on Apache

[vgiotsas]

When I try to run the client-connect.php script it always fails with error 401 (Access Denied).
I did some digging and it appears that the server cannot read the header values that contain the client ID, the time and the hash values.

According to this post Apache will put the HTTP prefix before the header name and it will transform dashes to underscores. So, I changed the header names in the client script and the API's index.php.

In the client-connect.php script (line 28) I changed the headers to:

$headers = ['X-API-ID: ' . $id, 'X-API-TIME: ' . $time, 'X-API-HASH: ' . $hash];

and in the public\index.php (lines 43-45) I changed the header names to:

$clientId = $app->request->getHeader('HTTP_X_API_ID');
$time = $app->request->getHeader('HTTP_X_API_TIME');
$hash = $app->request->getHeader('HTTP_X_API_HASH');

After this change the request is authenticated correctly and the client receives the pong message. I'm not sure if the problem is specific to Apache or not, according to the Readme the example uses PHP's built-in server so I assume that it works fine for the built-in server, but I put these changes out here in case more people have the same problem with Apache. My setup is Phalcon 2.0.8, PHP 5.5.9, Apache 2.4.7

[Lomion-tm]

It is 100% correct what you are saying! And it is not only Apache specific Hiawatha has the same "problem" or better to say the 2 files have the problem. Changed the code like you suggested and everything is up and running fine!

(Hiawatha 9.14, PHP 5.5.9, Phalcon 2.0.8)

[barros-felipe]

Thansk @vgiotsas worked for me.

[saurabhchandrapatel]

I have also same issue