Secure remote requests to Razberry

[xchatter]

Hi dolpheen,

Thanks for your hints.
I got no success on getting the cookie from ajax request. What i did is:
$.ajax({
type: 'POST',
url: 'https://find.z-wave.me/zboxweb?act=logi ... s=xxxxxxxx',

success: function (output, status, xhr) {
console.log(xhr.getResponseHeader('ZBW_SESSID'));
});
it returns null always. i tried to console.log the whole object and try to find the cookie, but it's not returned.
Can you write down a few steps on how to accomplish this(make a request for the cookie, then make request using this cookie). If it's simpler to use nginx, can you provide some help there?

Thanks.

[dolpheen]

I didn't check it, but if you want to use JQuery, the post should be in the next format

Code: Select all

$.post( https://find.z-wave.me/zboxweb", { act: "login", login: 'xxxxxx', pass:'xxxxxx' })
  .done(function( data ) {
    alert( "Data returned: " + data );
  });

For installing and configuring nginx reverse proxy, SSL and basic authentication - I'll create a topic in Recipes soon.

[xchatter]

Hi dolpheen,

I tried this way also, but the result is the same.
I only get the HTML document as data result, but there is no session id which i can store.
And the cookies are empty.

[dolpheen]

Yes, I checked it and it doesn't work from browser javascript.
I forget about cross-domain issues while using cookies.
I think the logic can be done in PHP (with direct setting cookies) but I'm not a php master

[xchatter]

:/
I guess I will wait for your nginx recipe since I am out of ideas right now.
Thanks anyway

[xchatter]

Hi guys, if this will be useful to anyone, I got this working using PHP and cURL.
I am very happy now
Here is an example code for anyone interested:

Code: Select all

$username = 'xxx';
$password = 'xxx';
$url = 'http://find.z-wave.me/zboxweb';
$cookie="cookie.txt";  //Make sure you create this file and set the write permissions so it can be written/read Also I assume that you create it in the same dir, where is the PHP file. 

$url1 = "http://find.z-wave.me/ZWaveAPI/Run/devices[3].instances[0].SensorMultilevel.data"; //just example for better vision

//login form action url
$postinfo = "act=login&login=$username&pass=$password";

$cookie_file_path = "cookie.txt";

$ch = curl_init();
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_NOBODY, false);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);

curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file_path);
//set the cookie the site has for certain features, this is optional
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file_path);
curl_setopt($ch, CURLOPT_USERAGENT,
    "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_REFERER, $_SERVER['REQUEST_URI']);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);

curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postinfo);

$result = curl_exec($ch);
//var_dump($result);

//page with the content I want to grab
curl_setopt($ch, CURLOPT_URL, $url1);
//do stuff with the info with DomDocument() etc
$html = curl_exec($ch);
var_dump($html);
curl_close($ch);

Works like a charm and with this you can make all the requests using Z-way API, and through the z-wave.me services.
Pretty cool!

[jacksun101]

Hello, is this script still working?