Home>

I am trying to pass authorization but nothing happens. On the site, as I understood double authorization, first I specify the authorization method, then the password on another page.

That's what is sent to the server:

Authorization:

1. https://my.tiu.ru/remote/auth/phone_email_step?locale=ru.
{ "Phone_email": "[email protected]", "pow_complexity": "18: web.E5Wiaw.2b7O2wAfRAK63vuQO7XNRJVfvAs", "pow_prefix": "QPUT82H1QDHCSHV2FHJQI1ETLY0UT4TWMENPFK64WLNGYWMABTXXC6GQ5Y66KWK7.E5Wiaw.vdnsW9dzomQD5iFgEaN944Cy_is", "pow_nonce": "00000179bf6221a1d873121c6ee4b149"}
2. https://my.tiu.ru/remote/Auth/enter_password_step?locale=ru
{"phone_email": "[email protected]", "password": "test @", "next_url": "/cabinet /user /orders", "POW_COMPLEXITY": "18: web.e5wjaw.ztrc4h4qrdjsld6wyixs-aejp_k" , "POW_PREFIX": "ucae19f2ertm7cg1xov35da8zxol4cqbvc27et2uv3jd67wrtb5jj9h1zlgvgbzg.e5wjaw.dt1t3ihaqmq0psvcswkpabaekzg", "Pow_nonce": "00000179bf6930d973d218443f5d8f5b"}

i.e. An additional options are attached to the query, when you select the authorization method + 3 of the parameter, when entering the password + 4 parameters. If I understood everything right.

That's what I do with CURL:

<
? php.
set_time_limit (0);
ini_set ("display_errors", "on");
Define ('User', '[email protected]');
Define ('Pass', 'Test @');
Class Tiu.
{
Private $ ch;
Private $ auth_cookie_file;
Private $ users= [];
FUNCTION __CONSTRUCT ($ auth_cookie_file)
{
    $ this->
auth_cookie_file= $ auth_cookie_file;
    $ this->
CH= curl_init ();
}
//Authorization
Public Function Auth ($ Login, $ Password)
{
    //$ this->
Request ('Post', 'https://my.tiu.ru/remote/auth/enter_password_step?locale=ru', [
    $ this->
Request ('Post', 'https://my.tiu.ru/sign-in/form?next=', [
        'next'= >
 '/Cabinet /User /Orders',
        'phone_email'= >
 $ Login
        'password'= >
 $ password,
        'REMEMBERME'= >
 'TRUE',
        'submit'= >
 "''
    ]);
}
//Authorization check
Public Function Checkauth ()
{
    $ response= @json_decode ($ this->
Request ('GET', 'https://my.tiu.ru/cabinet/user/orders')['body'],
 true);
    Return Is_Array ($ Response) &
&
 isset ($ response ['id']);
}
//General Method for sending requests through CURL
Private Function Request ($ Type, $ URL, $ Data= [],
 $ Headers= [],
 $ curlopts= [])
{
    $ Default_Headers= [
        'Accept: text /html, application /xhtml + xml, application /xml; q= 0.9, image /webp, * /*; q= 0.8',
        'Accept-Encoding: Gzip, Deflate, Lzma',
        'Accept-Language: RU-RU, RU; Q= 0.8, EN-US; Q= 0.6, EN; Q= 0.4',
        'Upgrade-insecure-requires: 1',
        'User-Agent: Mozilla /5.0 (Windows NT 10.0; Wow64) AppleWebKit /537.36 (KHTML, LIKE GECKO) Chrome /55.0.2883.87 Safari /537.36 OPR /42.0.2393.517'
    ];
    $ default_curlopts= [
        //curlopt_interface= >
 '46 .254.16.170 ', https: //my.tiu.ru/sign-in/form? Next=
        //curlopt_url= >
 (STRPOS ($ URL, 'HTTPS: //')=== 0? '': 'https://my.tiu.ru/remote/auth/enter_password_step?locale=ru'). $ url. ($ Type== 'Get' &
&
 Count ($ DATA) >
 0? '?' . http_build_Query ($ Data): ''),
        Curlopt_url= >
 (STRPOS ($ URL, 'HTTPS: //')=== 0? '': 'https://my.tiu.ru/sign-in/form?next='). $ url. ($ Type== 'Post' &
&
 Count ($ DATA) >
 0? '?' . http_build_Query ($ Data): ''),
        Curlopt_httpheader= >
 Array_Merge ($ Default_headers, $ Headers),
        Curlopt_followlocation= >
 false
        Curlopt_returntransfer= >
 True
        Curlopt_Header= >
 True
        Curlopt_encoding= >
 'Gzip',
        Curlopt_cookiefile= >
 $ this->
auth_cookie_file
        Curlopt_cookiejar= >
 $ this->
auth_cookie_file
        Curlopt_followlocation= >
 True.
    ];
    if ($ Type== 'Post') {
        $ default_curlopts [curlopt_post]= true;$ default_curlopts [curlopt_postfields]= http_build_query ($ DATA); }
    CURL_SETOPT_ARRAY ($ this->
CH, Array_Replace ($ default_curlopts, $ curlopts));
    $ Response= (String) CURL_EXEC ($ this->
ch);
    $ RESULT= [
        'http_code'= >
 CURL_GETINFO ($ this->
CH, CURLINFO_HTTP_CODE),
        'raw_response'= >
 $ Response,
        'Header_size'= >
 CURL_GETINFO ($ this->
CH, CURLINFO_HEADER_SIZE)
    ];
    $ Result ['Header']= MB_SUBSTR ($ Response, 0, $ Result ['Header_size'],
 'UTF-8');
    $ result ['Headers']= Array_Filter (Array_map ('Trim', Explode ("\ n", $ result ['header'])));
    $ Result ['Body']= MB_SUBSTR ($ Response, $ Result ['Header_Size'],
 NULL, 'UTF-8');
    Return $ Result;
VAR_DUMP ($ Result);
}
}
//Authorization check. If already authorized, then it goes on, no -authorizes login and password
$ tiu= new tiu (__ dir__. '/auth.cookie');
if (! $ Tiu->
Checkauth ()) {
$ tiu->
Auth (User, Pass);
if (! $ Tiu->
Checkauth ()) {
    DIE ('CAN \' T Auth ');
}
var_dump ($ tiu);
}

File content Auth.Cookie

# Netscape Http Cookie File
# Http://curl.haxx.se/docs/http-cookies.html.
# This File Was Generated by Libcurl! Edit at Your Own Risk.
# Httponly_.tiu.ru True /True 1653991682 Evoauth W45BA41643DA3497B8A80BD6FD17DE7EE
.tiu.ru True /False 1625047683 CID 302199160435600002842890569314094394472
.tiu.ru True /False 0 User_Tracker 88DAF938C0E6515D0561A3D407E9313EFD4C6546 | 91.218.231.18 | 2021-05-31
.tiu.ru True /True 1653905284 CSRF_Token B607E198F6F448C1BAC0D4EA213F1E7F
# Httponly_.tiu.ru True /True 1653991683 AUTH 7BB28D92619FC8BD8CB6C0AA3DD7D6E1B253B6B0

Authority does not work, where I am mistaken?

How to fix authorization?

Curl errors gives? Is SSL processed?

Jean-Claude2021-06-02 06:10:04

Yes, SSL is processed. Curl does not give mistakes, I have something wrong in the code, I try to check the authorization without understanding how, I apparently took the ceiling. I just wrote a 5 years ago authorization script for a parser, this is its modification. I just forgot everything, I thought this does not happen)))

Смирновски2021-06-02 06:10:04

You yourself wrote that 2 requests are out of authorization, and you will send a request at all to another ull (my.tiu.ru/sign-in/form?next=). So send requests to those 2 ullas that wrote by passing the necessary parameters. All cookies that gives the server write to one file, and everything will be

Crasher2021-06-01 06:49:45

Yes, I tried to different URLs. First of all, the necessary, then began to experiment. Cookies and so in one file I write. Completely forgot everything, the road to the freelancing: (

Смирновски2021-06-01 08:16:08