How to get session token when authenticating to JSON REST API (in R)

I'm trying to access JSON data (in R) from a REST API.

To authenticate myself, I need to use a POST method in https://dashboard.server.eu/login. The data that needs to be sent are email and password:

library(httr)

login <- list(
  email = "[email protected]",
  password = "mypass"
)

res <- POST("https://dashboard.server.eu/login", body = login, encode = "form", verbose())

When executing the above, I get this output:

-> POST /login HTTP/1.1
-> Host: dashboard.server.eu
-> User-Agent: libcurl/7.59.0 r-curl/3.3 httr/1.4.1
-> Accept-Encoding: gzip, deflate
-> Cookie: session=10kq9qv1udf0107F4C70RY14fsum41sq50
-> Accept: application/json, text/xml, application/xml, */*
-> Content-Type: application/x-www-form-urlencoded
-> Content-Length: 53
-> 
>> email=my%40email.com&password=mypass

<- HTTP/1.1 200 OK
<- access-control-allow-headers: Accept, Authorization, Content-Type, If-None-Match
<- access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
<- cache-control: no-cache
<- content-encoding: gzip
<- content-type: application/json; charset=utf-8
<- date: Mon, 09 Mar 2020 14:58:31 GMT
<- set-cookie: session=10kq9qv1udf0107F4C70RY14fsum41sq50; HttpOnly; SameSite=Strict; Path=/
<- vary: origin,accept-encoding
<- x-microserv: NS4yNi4xODQuMjE3
<- x-poweredby: Poetry
<- Content-Length: 2346
<- Connection: keep-alive

The doc of the site says that, in case of success, a JSON res is returned and contains a string token in res.data._id.

I don't find it... even looking at every list (and sub-lists) of res.

How am I supposed to find the token?

Following the doc, and an example in AngularJS, I'm then supposed to do:

// Create JSON Object with your token
let authorizeObject = {
    'Authorization': 'Session ' + token,
    'content-type': 'application/json;charset=UTF-8',
    'accept': 'application/json,text/plain',
};

// Create header from the previous JSON Object
let header = {'headers':authorizeObject};

// Use the header in your http request...
$http.get('https://dashboard.server.eu/', header)

Any hint on making this dream become true?

UPDATE -- With cURL, I could check that there is a _id key/value returned…

With the command:

curl -k -X POST "https://dashboard.server.eu/login" \
             -d '{ "email" : "[email protected]", "password" : "mypass" }' \
             -H "Content-Type: application/json"

I get the output:

{
  "_id": "697v2on4ll0107F4C70RYhosfgtmhfug",
  "isAuthenticated": true,
  "user": {
    "_id": "5dd57868d83cfc000ebbb273",
    "firstName": "me",
    "lastName": "Me",
...

So, the session token is indeed somewhere...

Does this help to help me?

Looking at the image of res in your question, the message is there, under content - it's just that the content is stored as a vector of raw bytes, which is why you didn't recognise it as json.

Since any file type can be sent by http, the contents in an httr response object are stored in raw format rather than a character string for various reasons - perhaps most importantly because many binary files will contain a 0x00 byte, which isn't allowed in a character string in R.

In your case, we can not only tell that res$content is text, but that it is your "missing" json. The first six bytes of res$content are shown in your image, and are 7b, 22, 5f, 69, 64, 22. We can convert these to a character string in R by doing:

rawToChar(as.raw(c(0x7b, 0x22, 0x5f, 0x69, 0x64, 0x22)))
[1] "{\"_id\""

This matches the first six characters of your expected json string.

Therefore if you do:

httr::content(res, "text")

rawToChar(res$content)

You will get your json as a character string.

Recommended topics

Hot tags