Log in with code
Hans Karlsen (talk | contribs) No edit summary |
Hans Karlsen (talk | contribs) No edit summary |
||
| Line 1: | Line 1: | ||
Turnkey use MVC for the login form. This form make use of the __RequestVerificationToken that helps MVC avoid attacks where an old posted form is used again. | |||
You will need to supply a valid RequestVerificationToken when logging in from code. | |||
The easiest way to get a valid RequestVerificationToken is to screen scrape it from the login page. | |||
The code below download the Login page, finds the RequestVerificationToken. | |||
Then the code make a post with the needed parameters for login including the screen scraped __RequestVerificationToken | |||
private void Button_Click_1(object sender, RoutedEventArgs e) | private void Button_Click_1(object sender, RoutedEventArgs e) | ||
{ | { | ||
var client = new HttpClient(); | var client = new HttpClient(); | ||
var loginform = client.GetAsync("https://raptor3ny/TurnkeyWebAppGeneric/Account/Login").Result; | var loginform = client.GetAsync("https://raptor3ny/TurnkeyWebAppGeneric/Account/Login").Result; | ||
var loginformcontent = loginform.Content.ReadAsStringAsync().Result; | var loginformcontent = loginform.Content.ReadAsStringAsync().Result; | ||
| Line 22: | Line 30: | ||
} | } | ||
} | } | ||
Revision as of 11:10, 11 June 2017
Turnkey use MVC for the login form. This form make use of the __RequestVerificationToken that helps MVC avoid attacks where an old posted form is used again.
You will need to supply a valid RequestVerificationToken when logging in from code.
The easiest way to get a valid RequestVerificationToken is to screen scrape it from the login page.
The code below download the Login page, finds the RequestVerificationToken.
Then the code make a post with the needed parameters for login including the screen scraped __RequestVerificationToken
private void Button_Click_1(object sender, RoutedEventArgs e)
{
var client = new HttpClient();
var loginform = client.GetAsync("https://raptor3ny/TurnkeyWebAppGeneric/Account/Login").Result;
var loginformcontent = loginform.Content.ReadAsStringAsync().Result;
var part1=loginformcontent.Substring(loginformcontent.IndexOf("<input name=\"__RequestVerificationToken\""), 1000);
part1 = part1.Substring(part1.IndexOf("value="));
part1 = part1.Substring(part1.IndexOf('"') + 1);
part1 = part1.Substring(0,part1.IndexOf('"'));
var content = new MultipartFormDataContent();
content.Add(new StringContent("hans@karlsen.se"), "EMail");
content.Add(new StringContent("123456"), "Password");
content.Add(new StringContent("false"), "RememberMe");
content.Add(new StringContent(part1), "__RequestVerificationToken");
var result = client.PostAsync("https://raptor3ny/TurnkeyWebAppGeneric/Account/Login", content).Result;
if (result.StatusCode == System.Net.HttpStatusCode.OK)
{
// Login successfull
}
}
This page was edited more than 9 months ago on 03/26/2024. What links here