isLoggedIn() function

[slushyash]

Is there any way to write an isLoggedIn() function without accessing the grades website ?

We might be able to use a HEAD request as shown here: http://stackoverflow.com/questions/333634/http-head-request-in-javascript-ajax. That way we would just get the header: if it's 500 we know that we need to login again, but if it is 200 we know that we don't need to login again.

[tristanseifert]

This seems like a good approach, but do we know if the server supports HEAD requests? If I recall correctly, most servers need to be explicitly configured to accept HEAD requests, and considering the server is some Microsoft concoction, I'm not sure if that's the case. Can someone look into that?

[slushyash]

I tried the following in cURL: curl -I https://accesscenter.roundrockisd.org/homeaccess/Student/Gradespeed.aspx?target=https://gradebook.roundrockisd.org/pc/displaygrades.aspx (-I sends a HEAD request). It worked and gave me a 500 Internal Server Error like it should. On my machine it took an average of 0.7 seconds. Wonder if there's a faster way :/.

[slushyash]

I think the alternative is that we measure how long it takes for GradeSpeed to time out and keep a timestamp every time we request GradeSpeed-related information. That might be a faster way, but perhaps more error-prone.

[tristanseifert]

I have implemented HEAD requests in qhac-ios as a method for detecting if the user is logged in or not, which works relatively well. Even though the districts we currently support run horribly broken web servers, the HEAD request, if not logged in, will return either a 500 (not logged in) or a 200 if the current session is valid.

AISD is a bit strange, in that the server doesn't necessarily return a 500 if the session expired, so instead, code should interpret any HTTP status code besides 200 OK as an error that requires re-authentication.