search

kuhldata / ir-cookie-scraper

Simple npm package to scrape a cookie from the iRacing website.
MIT License
1 stars 0 forks source link

Remove Puppeteer #1

Open 0xkalle opened 3 years ago

0xkalle commented 3 years ago

I should remove puppeteer in the future, as it is not needed, I guess.

luisschubert commented 2 years ago

how would you do this without puppeteer?

luisschubert commented 2 years ago

i guess you could just send the same request that the login page is sending and capture the response cookies?

luisschubert commented 2 years ago

yeah it looks like the login form just sends a post-request to members.iracing.com/membersite/Login after validating the inputs and checking for some autologin cookie.

function submitLoginForm(){
    var thisForm = document.LOGIN;

    //Validate the Form
    if((thisForm.password.value=="") || (thisForm.username.value=="")){
        var Alerts = document.getElementById("alertauto");
        if (Alerts != null && Alerts != undefined) {
            document.getElementById("alertauto").innerHTML="Please supply an email address and password.";
        }
        return;
    }
    //Set an auto login cookie that will last for 10 years
    if (thisForm.AUTOLOGIN.checked) {
        //Make sure the user does not have an autologin cookie - gets overwritten
        Delete_Cookie('autologin2', '/','');
    }

    //Submit the login
    if (thisForm.submit != null && thisForm.submit != undefined && typeof(thisForm.submit) == "function") {
        thisForm.submit();
    } else if (thisForm.submit != null && thisForm.submit != undefined && typeof(thisForm.submit) == "object") {
        thisForm.submit.click();
    }
}
luisschubert commented 2 years ago

this gets the cookies with a post to the above mentioned endpoint. 

import requests

auth_url = "https://members.iracing.com/membersite/Login"
auth_params = {
    "username": "a@b.c",
    "password": "abc123"
}
session = requests.Session()
res = session.post(auth_url,auth_params)
# print(res.content) # wtf. it seems like this response returns the data to replace the document with. (i skimmed over it there could be some interesting info in there) 
print(session.cookies.get_dict())

resulting cookies (sanitized):

{'irsso_membersv2': '', 'AWSALB': '', 'AWSALBCORS': '', 'WSENV': '', 'XSESSIONID': '', 'JSESS_members-membersite-bosdkr04-1': ''}
0xkalle commented 2 years ago

They will change the way authentication for the /data API works with the June patch. Iirc the authentication needs to be changed from then on.

0xkalle commented 2 years ago

More Infos can be found here: https://forums.iracing.com/discussion/22109/login-form-changes#latest