-1

I am trying to write short script to do HTTP authentication using GET request

This makes GET request.

    def try_login(u, p)
      path1 = '/index.php'
      path2 = '?uuser=#{myuser}&ppass=#{mypass}'
      r = send_request_raw({
        'URI' => "#{path1}#{path2}",
        'method' => 'GET'
      })
    ...continued...

But this code does not work because error says:

undefined local variable or method `myuser'

--> Basically I am trying to send one (1) GET request with login parameters, and the app responds with a specific data. And I do not know how to put placeholders for user and pass in this GET request.

...

Next, I am checking the HTTP response. Response comes in as JSON mime like this:

Success response

{"param1":1,"param2"="Auth Success","menu":0,"userdesc":"My User","user":"uuser","pass":"ppass","check":"success"}

Fail response

{"param1":-1,"param2"="Auth Fail","check":"fail"}

--> How can I check the response body for this kind of data.

I have been trying all day now, but stuck totally. Please advice.

Edit: I do not understand why some one down voted this question saying little to no research on my part. Until before yesterday morning, I had absolutely zero idea about ruby code & working with it. And then I spent numerous hours looking at many different examples, making my script and testing it out. When it still didn't work, I asked my question here. Please, if you still want to down vote, do it but please, at least share some pointers to solve this as well.

Sunshine
  • 479
  • 10
  • 24
  • why can't you just say if (r['param2'] == 'Auth Fail')... ? -- assuming you've parsed the json.. – xaxxon May 18 '13 at 23:57
  • Are you asking how to parse the json? Also, that's not http authentication. – pguardiario May 19 '13 at 00:32
  • Yes, I have 2 questions. First is how to send a GET request with username and password placeholders, so that I can eventually loop through user, pass values. Second is once I receive the json response, how can I parse to find the pass/fail keyword. – Sunshine May 19 '13 at 02:21
  • Ask ONE question at a time, not multiple questions, unless they are closely related. Your two are not closely related. – the Tin Man May 19 '13 at 04:26
  • @theTinMan both are related subparts of one exercise. I am trying to do the task with 1 GET request only which I know returns a specific content type response. Hence I put both sections here. – Sunshine May 19 '13 at 10:52
  • I really hope that those GET requests are over an HTTPS connection. Also, sending back the password in a JSON response is generally considered bad practice. – rtcherry May 19 '13 at 11:24
  • @rtcherry the GET request with this app goes to port 8443. http://ip:8443/login.php?user=&pass= – Sunshine May 19 '13 at 16:15

1 Answers1

0
def try_login(u, p)
  path1 = '/index.php'
  path2 = '?uuser=#{myuser}&ppass=#{mypass}'
  r = send_request_raw({
    'URI' => "#{path1}#{path2}",
    'method' => 'GET'
  })
...continued...

Should be:

def try_login(u, p)
  path1 = '/index.php'
  path2 = "?uuser=#{u}&ppass=#{p}"
  r = send_request_raw({
    'URI' => "#{path1}#{path2}",
    'method' => 'GET'
  })
...continued...

For parsing JSON in Ruby, I would recommend you take a look at this answer to another question.

Edit: The reason try_login(u, p) isn't working as you would expect is because Ruby does not do string interpolation for single quoted (') strings. Additionally, myuser and mypass do not appear to be the correct variables.

Community
  • 1
  • 1
rtcherry
  • 4,840
  • 22
  • 27
  • Thanks for replying @rtcherry. But I do not follow. Do you mean, when I do a 'URI' => "#{path1}#{path2}", this action is not supported by Ruby? If this is the case, how can I achieve this any other way...? – Sunshine May 19 '13 at 16:04
  • Also, the variables, myuser and mypass are just shown for clarity here. The actual code has u & p like you pointed out.. Thanx! – Sunshine May 19 '13 at 16:05
  • @Sunshine Lets say `u = 'test_user'` and `p = 'test_password'`. `'?uuser=#{u}&ppass=#{p}'` will give you the string `?uuser=#{u}&ppass=#{p}`, but `"?uuser=#{u}&ppass=#{p}"` will give you the string `?uuser=test_user&ppass=test_password`. – rtcherry May 19 '13 at 18:54