Open ryanhugh opened 6 years ago
edward-shen
commented
6 years ago https://github.com/bentekkie/BannerApi-npm Friend found this repo, maybe useful?
Also, worst case scenario we could just see what https requests the actual website uses and then adapt them to our usecases.
edward-shen
commented
6 years ago The primary issue is that Banner v9 is placed behind SSO auth and it uses cookies to verify your session.
Finding what API calls through what paths are pretty easy enough (Chrome Tools > network > XHR requests & enable log preservation; then click on things that would call the API you'd want).
I have thought of a potential workaround for this, where we effectively spoof a user:
manager.getCookies() or document.cookies if you're testing on Chromium tools.The only problem is we need a user/pass, which isn't really great for a service like SearchNEU that shouldn't be dependent on some arbitrary user credentials.
jennydaman
commented
5 years ago @edward-shen @ryanhugh You can search for classes without logging in with your MyNortheastern account.
Behind the scenes, this is what's happening.
JSESSIONID and nubanner-cookie are important.https://nubanner.neu.edu/StudentRegistrationSsb/ssb/classSearch/getTerms?searchTerm=&offset=1&max=20The response is a JSON array of which lists available terms. (You can try copy and pasting the above URL directly into your browser)
https://nubanner.neu.edu/StudentRegistrationSsb/ssb/term/search?mode=searchWith the body
term=201930&studyPath=&studyPathText=&startDatepicker=&endDatepicker=At this point, the session is allowed to query the JSON API to browse classes. The GET query below searches for the class "BIOL 2299" for "Spring 2019 Semester".
https://nubanner.neu.edu/StudentRegistrationSsb/ssb/searchResults/searchResults?txt_subject=BIOL&txt_courseNumber=2299&txt_term=201930&startDatepicker=&endDatepicker=&pageOffset=0&pageMaxSize=10&sortColumn=subjectDescription&sortDirection=asc
ryanhugh
commented
5 years ago @edward-shen Looks like it has changed since we investigated it a year ago - the info on banner v9 is now publicly accessible!
edward-shen
commented
5 years ago It's kinda weird that you need to auth your cookies to access this data (is it really public or is it just a mistake on their end), but a god send none the less!
jennydaman
commented
5 years ago It is kinda weird, but that's how it is. I tried running curl after each click in the browser, it would fail until clicking "Continue"
jennydaman
commented
5 years ago ryanhugh
commented
5 years ago Just tried the script - looks great!
I totally agree with Edward and that we need to make sure it is really public and not just a mistake on their end but it looks like there is a very high probability that is intentionally public - you can go here:
https://nubanner.neu.edu/StudentRegistrationSsb
in a new incognito tab and all the class data is accessible without logging in.
Northeastern released a new version of Banner (v9) and will be shutting down the old version (v8) before the Fall 2018 semester. Lets upgrade to support the new version! I've heard that it should have an API, but haven't seen any details about it and am still looking into it.
This is a high priority because this is required to keep the site running in the future.
Fall classes will be posted on MyNEU on March 19th and students will sign up for classes on April 9th (source).