nethcti-middleware: Missing /user/presence API in FreePBX APIs whitelist #7772
Description
Bug Description
The /api/user/presence API endpoint was returning a 401 error with the message "query token is empty" when called from the wizard interface.
Context
This API is used in the Users interface to clear user presence status (e.g., changing from "Do Not Disturb" to "Online") via the "eraser" icon next to the user's status.
The API is called with FreePBX admin authentication headers (User: admin and Secretkey: <value>), similar to other wizard APIs like:
/api/user/endpoints/all/api/astproxy/extensions/api/astproxy/trunks
Root Cause
The /user/presence endpoint was not included in the FreePBX APIs whitelist in configuration/configuration.go, causing it to require JWT authentication instead of accepting the FreePBX admin headers.
Solution
Added /user/presence to the FreePBXAPIs list in configuration/configuration.go:147 to allow it to bypass JWT authentication when called with proper FreePBX admin headers.
API Call Example
curl 'https://<server>/api/user/presence' \
-H 'content-type: application/json;charset=UTF-8' \
-H 'secretkey: <secret>' \
-H 'user: admin' \
--data-raw '{"username":"antonio","status":"online"}'Related Component
- Repository: nethcti-middleware
- File:
configuration/configuration.go - Line: 147