Command-line authentication #69
Comments
|
I swear I had this working this afternoon; then when I tried to verify it just now on a different Shaarli instance it wouldn't work. So I'll give you what I had, and let you puzzle it out from here; hopefully it's at least enough to get you on your way.... It takes two commands, the first to get a valid token from Shaarli and the second to use that token and your username/password to log in and query the page you want to access: token=$(curl --silent http://my.shaarli.url/?do=login | sed -n 's/._token._value="(.*)">$/\1/p') curl -L -F "Login=submit" -F "login=myname" -F "password=secret" -F "token=$token" "http://my.shaarli.url/?do=export&what=private" The first command is parsing the login page to get the token. It might be instructive to just issue the curl command and look at the output (which is pretty small and clean). Here, it's piped to sed to look for the string "token...value=""" and only save . Note that you'll get the same error response from Shaarli for a bad token as you will for a bad username or password, so it might be helpful, while you're experimenting, to separate out into several code blocks that 'if' statement that returns "Wrong login/password" when it fails, so you can get different error responses. |
|
Thanks. The sed command syntax was incorrect. Here is the correct one: But returns I don't know what I'm doing wrong. Did you get the same error message? |
|
ahh, I apologize, something ate my escapes :( Hope you didn't spend too much time fighting that. I am getting that error, too. I can hack up index.php and, at least for me, prove that it's always failing because Shaarli thinks the re-submitted token is invalid. Last week I did something that got past that, but then promptly deleted the VM as part of a wider cleanup so I don't have a shell history to comb through anymore, and apparently I wrote down the wrong command when recording my success :( The command must have been something slightly different, but I've spent about an hour now trying to replicate my success and still can't. There is probably an option to curl missing, or maybe a missing field that needs to be submitted, but for the life of me I can't figure it out right now. For what it's worth, I've done this sort of thing (query a site for a magic token, then submit login credentials with a request for the destination page) before, so I was cribbing from some working code for talking to another web server. So I still think this is close, but I'm afraid I can't help you get the rest of the way there. |
|
I'm still struggling with this. I'm trying to create a simple export script that I could pass to an external program for offline storage purposes (would somehow solve #58). @sebsauvage any idea on how to do this? |
|
I got this working (first store the token and cookie, then post the login/password along with token/cookie). See https://github.com/nodiscc/shaarchiver/blob/master/export-shaarli.py |
bookmarklet: add ✚ sign to make it more recognizable in toolbars
How would I access a feature that requires authentication using a command-line tool (eg.
curl)?Let's say I want to access http://my.shaarli.url/links/?do=export&what=private
Thanks
The text was updated successfully, but these errors were encountered: