I have tried everything I can find on the web on how to implement this to log into this site. Here is the most recent failure.
// I have tried with multiple different URLS this one
// and http://www.movable.com/login do not throw errors
string url = "http://portal.movable.com/";
string username = "<myusername>";
string password = "<mypassword>";
string authTok = @"+HOt3NTkkIAHkMSMvzQisEquhun9xvIG1mHzIEh6CAo=";
string postData = "utf8=✓" + "&authenticity_token=" + authTok +
"&user[login]=" + username +
"&user[password]=" + password + "&user[offset]=-5";
var container = new CookieContainer();
var buffer = Encoding.UTF8.GetBytes(postData);
var request = (HttpWebRequest)HttpWebRequest.Create(url);
request.CookieContainer = container;
request.UserAgent = "Mozilla/5.0";
request.Method = "POST";
request.KeepAlive = true;
request.AllowAutoRedirect = true;
request.CookieContainer = container;
request.ContentLength = buffer.Length;
request.ContentType = "application/x-www-form-urlencoded; charset=UTF-8";
request.Accept = "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8";
using (var requestStream = request.GetRequestStream())
requestStream.Write(buffer, 0, buffer.Length);
using (var response = request.GetResponse())
{
using (var reader = new StreamReader(response.GetResponseStream()))
{
var result = reader.ReadToEnd();
//this is to read the page source after the request
MessageBox.Show(result);
}
}
Also here is the relevant data from the site (I know the tokens are different in the example I have made them the same and it doesnt work)
<form accept-charset="UTF-8" action="/signin" class="new_user" id="new_user" method="post"><div style="margin:0;padding:0;display:inline"><input name="utf8" type="hidden" value="✓" /><input name="authenticity_token" type="hidden" value="hHfoUnIbi+6RB51x1cqXqAYHkjz9mCi7nc86gMdiMOo=" /></div>
<p class="notice">Signed out successfully.</p>
<h2>login to your account</h2>
<label for="user_login">Login</label>
<input id="user_login" name="user[login]" size="30" type="text" />
<label for="user_password">Password</label>
<input id="user_password" name="user[password]" size="30" type="password" />
<input id="user_offset" name="user[offset]" type="hidden" />
<label for="user_remember_me">
<input name="user[remember_me]" type="hidden" value="0" /><input id="user_remember_me" name="user[remember_me]" type="checkbox" value="1" />
Remember me on this computer.
</label>
<button class="login" name="button" type="submit">Login</button>
<a href="/users/password/new" class="forgotPassword">Forgot password?</a>
</form> </div>
Try this way:
var cookieJar = new CookieContainer();
CookieAwareWebClient client = new CookieAwareWebClient(cookieJar);
// the website sets some cookie that is needed for login, and as well the 'authenticity_token' is always different
string response = client.DownloadString("http://portal.movable.com/signin");
// parse the 'authenticity_token' and cookie is auto handled by the cookieContainer
string token = Regex.Match(response, "authenticity_token.+?value=\"(.+?)\"").Groups[1].Value;
string postData =
string.Format("utf8=%E2%9C%93&authenticity_token={0}&user%5Blogin%5D=USERNAME&user%5Bpassword%5D=PASSWORD&user%5Boffset%5D=5.5&user%5Bremember_me%5D=0&button=", token);
//WebClient.UploadValues is equivalent of Http url-encode type post
client.Method = "POST";
response = client.UploadString("http://portal.movable.com/signin", postData);
//i am getting invalid user/pass, but i am sure it will work fine with normal user/password
}
Extra Class Used :
public class CookieAwareWebClient : WebClient
{
public string Method;
public CookieContainer CookieContainer { get; set; }
public Uri Uri { get; set; }
public CookieAwareWebClient()
: this(new CookieContainer())
{
}
public CookieAwareWebClient(CookieContainer cookies)
{
this.CookieContainer = cookies;
}
protected override WebRequest GetWebRequest(Uri address)
{
WebRequest request = base.GetWebRequest(address);
if (request is HttpWebRequest)
{
(request as HttpWebRequest).CookieContainer = this.CookieContainer;
(request as HttpWebRequest).ServicePoint.Expect100Continue = false;
(request as HttpWebRequest).UserAgent = "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0";
(request as HttpWebRequest).Accept = "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8";
(request as HttpWebRequest).Headers.Add(HttpRequestHeader.AcceptLanguage, "en-US,en;q=0.5");
(request as HttpWebRequest).Referer = "http://portal.movable.com/signin";
(request as HttpWebRequest).KeepAlive = true;
(request as HttpWebRequest).AutomaticDecompression = DecompressionMethods.Deflate |
DecompressionMethods.GZip;
if (Method == "POST")
{
(request as HttpWebRequest).ContentType = "application/x-www-form-urlencoded";
}
}
HttpWebRequest httpRequest = (HttpWebRequest)request;
httpRequest.AutomaticDecompression = DecompressionMethods.GZip | DecompressionMethods.Deflate;
return httpRequest;
}
protected override WebResponse GetWebResponse(WebRequest request)
{
WebResponse response = base.GetWebResponse(request);
String setCookieHeader = response.Headers[HttpResponseHeader.SetCookie];
if (setCookieHeader != null)
{
//do something if needed to parse out the cookie.
try
{
if (setCookieHeader != null)
{
Cookie cookie = new Cookie(); //create cookie
this.CookieContainer.Add(cookie);
}
}
catch (Exception)
{
}
}
return response;
}
}
Response Received
<!DOCTYPE html>
<html>
<head>
<title>MOVband Portal</title>
<link href="/assets/application-f9d3794ad4639d96cd50c115ad241438.css" media="all" rel="stylesheet" type="text/css" />
<!--[if lt IE 9]>
<script src="/assets/modernizr-9b693978fbc3fcd01874b01875a736bf.js" type="text/javascript"></script>
<script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<!--[if IE 7]>
<link href="/assets/ie7-ca67da697ba8da1de77889ceedc4db1a.css" media="all" rel="stylesheet" type="text/css" />
<![endif]-->
<script src="/assets/application-b1fcaae48e75e2455cf45e1d75983267.js" type="text/javascript"></script>
<meta content="authenticity_token" name="csrf-param" />
<meta content="aC33zdBSSAz63dVjOgYXR/L6skV/QxxHe4XqX3UYCek=" name="csrf-token" />
</head>
<body id="login">
<header>
<div class="container">
<a href="http://movable.com">
<img alt="Movablelogo" class="logo" src="/assets/movableLogo-3429bb636ded1af0a80951c7d4386770.png" />
</a> </div>
</header>
<section class="main">
<div class="container">
<div id="loginWindow" class="cf">
<img alt="Movbandlogologin" class="movbandlogo" src="/assets/MOVbandLogologin-3cacbbe2b9bb05b16a3ca521acf81fc6.png" />
<div class="cf">
<div id="welcomeMessage">
<h1>Welcome</h1>
<img alt="Movbanddevice" class="device" src="/assets/MOVbandDevice-acbb62593330775ac09dced40e28e8e2.png" />
<p>
Just got your MOVband? We'll have you moving in no time with our quick product registration and setup.
<a href="/join">Join ></a>
</p>
</div>
<form accept-charset="UTF-8" action="/signin" class="new_user" id="new_user" method="post"><div style="margin:0;padding:0;display:inline"><input name="utf8" type="hidden" value="✓" /><input name="authenticity_token" type="hidden" value="aC33zdBSSAz63dVjOgYXR/L6skV/QxxHe4XqX3UYCek=" /></div>
<p class="alert">Invalid email or password.</p>
<h2>login to your account</h2>
<label for="user_login">Login</label>
<input id="user_login" name="user[login]" size="30" type="text" value="USERNAME" />
<label for="user_password">Password</label>
<input id="user_password" name="user[password]" size="30" type="password" />
<input id="user_offset" name="user[offset]" type="hidden" value="5.5" />
<label for="user_remember_me">
<input name="user[remember_me]" type="hidden" value="0" /><input id="user_remember_me" name="user[remember_me]" type="checkbox" value="1" />
Remember me on this computer.
</label>
<button class="login" name="button" type="submit">Login</button>
<a href="/users/password/new" class="forgotPassword">Forgot password?</a>
</form> </div>
</div>
</div>
</section>
<footer>
<div class="container">
<div class="social_icons">
<a href="https://www.facebook.com/getMOVband" class="fb_link" target="_blank"></a>
<a href="https://twitter.com/getmovband" class="tw_link" target="_blank"></a>
<a href="http://www.youtube.com/getmovband" class="yt_link" target="_blank"></a>
<a href="http://www.linkedin.com/company/2355960" class="li_link" target="_blank"></a>
</div>
</div>
</footer>
</body>
</html>