39 lines
1.2 KiB
Org Mode
39 lines
1.2 KiB
Org Mode
|
:PROPERTIES:
|
||
|
|
:ID: 33e47957-b3d0-41c9-8977-7243b42a76dd
|
||
|
|
:END:
|
||
|
|
#+title: Control Panel HTTP Requests
|
||
|
|
#+PROPERTY: header-args :exports both :eval no-export
|
||
|
|
#+PROPERTY: header-args:http :cookie .cookies :cookie-jar .cookies
|
||
|
|
|
||
|
|
* Cookies
|
||
|
|
| Name | Description |
|
||
|
|
|-------------+-------------|
|
||
|
|
| AUTORESPSID | Session ID |
|
||
|
|
|
||
|
|
Cookies for requests in this document are stored in cookie file by curl in
|
||
|
|
=~/.cookies= (https://curl.se/docs/http-cookies.html).
|
||
|
|
* AJAX Requests
|
||
|
|
Control Panel controller actions that expect to be called as AJAX endpoints
|
||
|
|
expect the =X-Requested-With= header to be present and set to =XMLHttpRequest=.
|
||
|
|
* Logging In
|
||
|
|
** Fetching a CSRF Token
|
||
|
|
#+name: login-csrf
|
||
|
|
#+begin_src http :pretty
|
||
|
|
GET localhost:8080/users/pub/csrf
|
||
|
|
X-Requested-With:XMLHttpRequest
|
||
|
|
#+end_src
|
||
|
|
|
||
|
|
#+RESULTS: login-csrf
|
||
|
|
: 63116e764c5d31cdd3e4f230ee3740527f6eb1c76aea1cb04e30da5d68e24d78
|
||
|
|
|
||
|
|
** Sending credentials
|
||
|
|
#+begin_src http :pretty :var csrf=login-csrf
|
||
|
|
POST localhost:8080/users/account/loginAjax
|
||
|
|
X-Requested-With: XMLHttpRequest
|
||
|
|
|
||
|
|
username=lookatme@example.com&password=testing&_csrf=${csrf}
|
||
|
|
#+end_src
|
||
|
|
|
||
|
|
#+RESULTS:
|
||
|
|
: {"submitStatus":{"code":200,"message":"\/users\/","category":"status_success"},"validationErrors":[]}
|