Closed OlguD closed 11 months ago
Does the only problem is using session in my flask app ? Can it cause this error ?
this is not the right way to exchange login sessions in ensta.
after logging in, ensta stores session data in a file named "ensta-session.txt". you should copy the json data in that file and return to the user. when the user wants to perform authenticated requests, he should provide the session data which your flask server will use in the host class by first storing that data in "ensta-session.txt" file and then initialising the host class so that it can fetch the session data from that file.
the reason why it works on your local machine could be because it already has the "ensta-session.txt" file while on your server, persistent storage may not be available for ensta to create session files.
you can rather use the "save & load" parameters while initialising the host class which will return the session data to your custom functions.
from ensta import Host
def savedata(data):
# here's your session data. return it to the user and ask them to to pass this data everytime they perform an authenticated request
...
def loaddata():
# here, you need to fetch that session data from cookies, headers or anything you're using and return in this function so that ensta can use it
...
return data
host = Host(username, password, save=savedata, load=loaddata)
can you send me your flask server's code if possible? it'll help detect what the exact cause of error is and also debug the code as needed.
I think the real problem is on the ensta-session.txt file. It is automaticaly created in server. But it doesn't initialising the host class, I guess this causes the error. By the way thank you for your quick response :).
this is not the right way to exchange login sessions in ensta.
after logging in, ensta stores session data in a file named "ensta-session.txt". you should copy the json data in that file and return to the user. when the user wants to perform authenticated requests, he should provide the session data which your flask server will use in the host class by first storing that data in "ensta-session.txt" file and then initialising the host class so that it can fetch the session data from that file.
i'll run the flask server on my machine and check if there's any error.
in the meantime, please do give this repository a star so that other developers can know about ensta as well.
thank you
i'll run the flask server on my machine and check if there's any error.
in the meantime, please do give this repository a star so that other developers can know about ensta as well.
thank you
Appreciated
i don't know much about flask sessions, but here's what i would advice you to do:
username
and password
. in return of these, the server tries to log in and returns the session data back to the user.here's the code for a more clearer reference: login endpoint:
def login(username, password):
"""
this function takes "username" & "password", and returns session_data which is used to perform authenticated requests
"""
try:
host = Host(username, password)
# login successful
return {"status": "ok", "session_data": host.session_data}
except Exception as e:
# login failed
return {"status": "fail", "message": str(e)}
endpoint to perform authenticated requests:
from ensta import SessionHost
import json
def profile_data(their_username):
host = SessionHost(cookies["session_data"]) # yes, we'll use 'SessionHost' instead of 'Host'.
profile = host.profile(their_username)
return {"status": "ok", "profile": json.dumps(profile.__dict__)}
don't forget to update ensta because i've made some changes: pip install ensta --upgrade
So when I do it this way, is there a possibility that the user will be banned? Can the user be caught in the fraud system?
if you talk specifically about this way of logging in, there's a low chance of your account being caught as ensta stores some other data as well along with the session_id in the session data string.
but that doesn't mean you can't get flagged. you can get flagged because of some other mistakes too (and no third-party api can guarantee this). you should be aware of some precautions including:
conclusion: if you use the method of logging in that i provided, you don't have to worry that much. but do take the precautions when using any third-party library.
hope it helps.
I understand, thank you for your time. 😊
i don't know much about flask sessions, but here's what i would advice you to do:
- create a login endpoint where users give their
username
andpassword
. in return of these, the server tries to log in and returns the session data back to the user.- now, every time user wants to perform an authenticated request, he/she passes that session data string in each request through any medium (say cookies, headers etc).
- this session data then can easily be used to log into that user's session and perform authenticated requests.
here's the code for a more clearer reference: login endpoint:
def login(username, password): """ this function takes "username" & "password", and returns session_data which is used to perform authenticated requests """ try: host = Host(username, password) # login successful return {"status": "ok", "session_data": host.session_data} except Exception as e: # login failed return {"status": "fail", "message": str(e)}
endpoint to perform authenticated requests:
from ensta import SessionHost import json def profile_data(their_username): host = SessionHost(cookies["session_data"]) # yes, we'll use 'SessionHost' instead of 'Host'. profile = host.profile(their_username) return {"status": "ok", "profile": json.dumps(profile.__dict__)}
don't forget to update ensta because i've made some changes:
pip install ensta --upgrade
When I run this flask app on my local machine it doesn't give any error, it runs perfectly but when I run flask app on vds server, it gives an error.
I use the same post requests code for testing the flask API:
My flask app's login endpoint is this.
This is the endpoint that provides profile information after the user logged in