Logging in without displaying a login page
I am writing an app which will display articles at a membership based website.
We want the app to be able to read and display articles that are set as "members only" - even if the app owner is not a member.
So I want to be able to login without showing the app user any user or password info.
When I try to access a members only article , I get a redirect, but I do not get an authentication challenge.
Any ideas how I can get my app to login automatically?
Here's what the form looks like. Do I have to include all of the input values in my POST request?
<FORM ACTION="https://www.mysite.com/cgi-bin/mysite/process" METHOD=POST&g开发者_开发知识库t;
<input type="hidden" NAME="mv_todo" VALUE="return">
<input type="hidden" name="mv_session_id" value="DySUxWM5">
<INPUT TYPE="hidden" name="mv_success_variable_hash" VALUE="">
<INPUT TYPE="hidden" name="mv_success_variable_hash_colon" VALUE="">
<INPUT TYPE="hidden" NAME="mv_successpage" VALUE="index">
<input type="hidden" name="mv_failpage" value="login">
<input value="1942255628Hx0xE2S5iCw0caMyNmrf7j2ROvvM0QUJoEVLVz+2PRq4Jjs4azdjrjWSnwN7JkIr" name="form_fn" type="hidden"><input value="login" name="form_page" type="hidden"><input value="1" name="login_form_2_revisit" type="hidden"><table cellpadding="4" class="standard_form">
<tr><td colspan="2"><font color=red><b>New Visitors:</b></font> <a href="http://www.mysite.com/cgi-bin/mysite/account_create.html">Create a new account</a></td></tr>
<tr><td class="standard_form_field"><b>Username:</b></td>
<td colspan="1"><input maxlength="64" name="mv_username" onChange="if (this.value.match(/(^\s+)|(\s+$)/)){this.value = this.value.replace(/(^\s+)|(\s+$)/g,'');}if (this.value.match(/^$/) && !this.getAttribute('js_init_now')) {alert('This is a required field. Please make sure that it is not empty.'); this.focus();this.select();return false; }; " type="text" size="15"></td></tr>
<tr><td class="standard_form_field">Password:</td>
<td colspan="1"><input name="mv_password" type="password" size="15"></td></tr>
<tr><td colspan="2"><input value="1" name="persistent_login" type="checkbox"> Remember my login info.</td></tr>
<tr><td colspan="2"><input value="" name="login_complete_param" type="hidden"> <input value="Continue..." name="ig_click form-method:continue" type="submit" class="coolButton"></td></tr>
</table>
<p ></p>
</form>
Use the http://allseeing-i.com/ASIHTTPRequest/ library its alot easier to use then the standard NSURL requests. Also there is alot of really good sample code if you like seeing a working example. I used it on a project recently and it works really well i had to login to a site automatically and it worked perfectly. Good Luck.
Edit:
Looking at the form you just posted. This code should help you it is how you would submit the form using the ASIHTTPREQUEST library. This should get you started... :D
NSURL *url = [NSURL URLWithString:@"https://www.mysite.com/cgi-bin/mysite/process"];
ASIFormDataRequest *requestPOST = [ASIFormDataRequest requestWithURL:url];
[requestPOST setPostValue:@"return" forKey:@"mv_todo"];
[requestPOST setPostValue:@"DySUxWM5" forKey:@"mv_session_id"];
[requestPOST setPostValue:@"" forKey:@"mv_success_variable_hash"];
[requestPOST setPostValue:@"" forKey:@"mv_success_variable_hash_colo"];
[requestPOST setPostValue:@"index" forKey:@"mv_successpage"];
[requestPOST setPostValue:@"login" forKey:@"mv_failpage"];
[requestPOST setPostValue:@"942255628Hx0xE2S5iCw0caMyNmrf7j2ROvvM0QUJoEVLVz+2PRq4Jjs4azdjrjWSnwN7JkIr" forKey:@"form_fn"];
[requestPOST setPostValue:@"login" forKey:@"form_page"];
[requestPOST setPostValue:@"1" forKey:@"login_form_2_revisit"];
[requestPOST setPostValue:@"PUT YOUR USERNAME VARIABLE IN HERE" forKey:@"mv_username"];
[requestPOST setPostValue:@"PUT YOUR PASSWORD VARIABLE IN HERE" forKey:@"mv_password"];
[requestPOST setPostValue:@"1" forKey:@"persistent_login"];
[requestPOST setPostValue:@"" forKey:@"login_complete_param"];
[requestPOST setPostValue:@"Continue..." forKey:@"ig_click form-method:continue"];
[requestPOST start];
Not sure on how your site is authenticating... But since you mentioned being redirected I assume its via some webform.
When I had to do something similar, I had a single object that takes care of the webrequests, and it took care of the redirection to the login page, then continued onto the actual page before sending a response to the consumer of the object.
The interesting bits would be in:
- (NSURLRequest *)connection:(NSURLConnection *)connection willSendRequest:(NSURLRequest *)request redirectResponse:(NSURLResponse *)redirectResponse { ...
I did:(psuedo-ish code)
NSURL* redirected_url = [request URL] ;
NSString* querystr = [redirected_url query] ;
if ( [self need_to_login:redirected_url] ) {
NSString* body = [self generate_login_body_string] ;
request = [self makeRequestLocation:@"/sign_in" Method:@"POST" Body:body] ;
}
return request ;
Where the String for body was the www-form encoded params that the web form would have generated in the browser. The site had a next_url param that had the page to forward to when the login was correct.
Later in the code I check to make sure the login was success, but checking to see if I was redirected to the correct page or redirected to the bad login page.
精彩评论