Login to website with Synapse

[P.curtis]

Hi All,

I'm trying to use HTTPSend to login to a website with something like :-

Code: Pascal  [Select][+][-]

1.   HTTPSender := THTTPSend.Create;
2.   HTTPSender.MimeType := 'application/x-www-form-urlencoded';
3.   HTTPSender.UserName:='jorblogs';
4.   HTTPSender.Password:='notforyou';
5.   HTTPGetResult := HTTPSender.HTTPMethod('POST', 'https:\\www.somesite.com');
6.  

but it doesnt work. I get a resonse, but not logged in. What am I missing?

Thanks in advance.

[egsuh]

There may be several possibilities.

1. The action target may not be www.somesite.com. It can be www.somesite.com/login, or any other script defined.  You'll have to check the action property of the browser form.

2. Your method will not succeed if www.somesite.com are checking other data than username and password, like cookies or hidden field data.

3.  BTW, how do you check whether you are logged in via Synapse?

[rvk]

but it doesnt work. I get a resonse, but not logged in. What am I missing?

And what response so you get?

Also, you're using https, so did you put the openssl libraries in your exe directory?

[P.curtis]

SSL stuff is OK.

I get a HTML  page as a response. Looking through the HTML code I can see that I am not logged in.

The site is based on vBulletin.

[rvk]

The site is based on vBulletin.

Then you can't login with the Username and Password properties of THTTPSend.
Those are for website where you can pass username and password via the socket.
Like https://myuser:password@mydomain.com

You need to look at the way the login is implemented. For example, you can look in Chrome, with F12 developer tools, what is actually posted during a login. If the login is relatively simple, like just passing username and password in a form, then it's simple. If it has a more sophisticated login, like Google and Facebook, then login in will be much harder.

If I look at a vBulletin site it does do a post with username=aaaaaaa&password=bbbbbbbb&privacyconsent=1&securitytoken=guest form-data to /auth/ajax-login, but I'm not sure if that's the only data it sends.

[P.curtis]

@rvk. Thanks. Any idea or code on how to handle what you wrote

If I look at a vBulletin site it does do a post with username=aaaaaaa&password=bbbbbbbb&privacyconsent=1&securitytoken=guest form-data to /auth/ajax-login, but I'm not sure if that's the only data it sends.

[rvk]

Any idea or code on how to handle what you wrote

Something like this:

Code: Pascal  [Select][+][-]

1. uses httpsend, synautil;
2.  
3. procedure TForm1.Button1Click(Sender: TObject);
4. var
5.   HTTPSend: THTTPSend;
6.   Ok: boolean;
7.   ForumUrl, Username, Password: string;
8.   TextFromDocument: string;
9. begin
10.  
11.   ForumUrl := 'https://forum.vbulletin.com';
12.   Username := 'someuser';
13.   Password := 'somepassword';
14.  
15.   HTTPSend := THTTPSend.Create;
16.   try
17.     HTTPSend.MimeType := 'application/x-www-form-urlencoded';
18.     WriteStrToStream(HTTPSend.Document,
19.       ansistring('username=' + Username + '&password=' + Password +
20.       '&privacyconsent=1&securitytoken=guest'));
21.     Ok := HTTPSend.HTTPMethod('POST', ForumUrl + '/auth/ajax-login');
22.     TextFromDocument := ReadStrFromStream(HTTPSend.Document, HTTPSend.Document.Size);
23.     Memo1.Lines.Add('---------------');
24.     Memo1.Lines.Add('Result = ' + HTTPSend.ResultCode.ToString + ' ' + HTTPSend.ResultString);
25.     Memo1.Lines.Add('---------------');
26.     Memo1.Lines.Add(HTTPSend.Headers.Text);
27.     Memo1.Lines.Add('---------------');
28.     Memo1.Lines.Add(TextFromDocument);
29.     Memo1.Lines.Add('---------------');
30.   finally
31.     HTTPSend.Free;
32.   end;
33. end;

You'll need to see what you get back and if you need to set cookies and session-variables. You could use the cookie-mechanism of Synapse and save them from HTTPSend (of use the same HTTPSend for following requests).