Permalink
Browse files

Example of website sign in with cookies

  • Loading branch information...
1 parent c3050ed commit 71d6455a049b3fae5fe498c9bf9f51fa3129d0a7 @sandro sandro committed Jan 18, 2011
Showing with 33 additions and 0 deletions.
  1. +33 −0 examples/tripit_sign_in.rb
View
@@ -0,0 +1,33 @@
+dir = File.expand_path(File.join(File.dirname(__FILE__), '..', 'lib'))
+require File.join(dir, 'httparty')
+
+class TripIt
+ include HTTParty
+ base_uri 'http://www.tripit.com'
+ debug_output
+
+ def initialize(email, password)
+ @email = email
+ response = self.class.get('/account/login')
+ response = self.class.post(
+ '/account/login',
+ :body => {
+ :login_email_address => email,
+ :login_password => password
+ },
+ :headers => {'Cookie' => response.headers['Set-Cookie']}
+ )
+ @cookie = response.request.options[:headers]['Cookie']
+ end
+
+ def account_settings
+ self.class.get('/account/edit', :headers => {'Cookie' => @cookie})
+ end
+
+ def logged_in?
+ account_settings.include? "You're logged in as #{@email}"
+ end
+end
+
+tripit = TripIt.new('email', 'password')
+puts "Logged in: #{tripit.logged_in?}"

2 comments on commit 71d6455

gkop replied Sep 10, 2011

This is a confusing example of using cookies with HTTParty because TripIt doesn't follow RFC 2965.

The Set-Cookie header from TripIt doesn't follow syntax (lowercase path and domain tokens):
Set-Cookie: it_ref_id=2561A2F7402CB94610E6F3E537404217; path=/; domain=.tripit.com

So the Cookie header on the subsequent request comes out :
Cookie: it_ref_id=2561A2F7402CB94610E6F3E537404217; path=/; domain=.tripit.com

If TripIt followed the RFC it would look like:
Set-Cookie: it_ref_id=2561A2F7402CB94610E6F3E537404217; Path=/; Domain=.tripit.com

And then the subsequent request would be in violation of the RFC (Path and Domain should be $Path and $Domain instead):
Cookie: it_ref_id=2561A2F7402CB94610E6F3E537404217; Path=/; Domain=.tripit.com

Taking the RFC with a grain of salt, I opened this SO question: http://stackoverflow.com/questions/7374750/which-spec-to-follow-for-path-and-domain-tokens-in-cookies

Is this code still working? I just created a user on tripit.com, ran this code (changing the two first lines with require 'httparty'), and login wasn't successful...

Please sign in to comment.