Webviewer Website Login PHP

Hey guys,

I'm not sure if anyone can help me, I am an infrastructure engineer by trade, so apologies for the gaps in my knowledge.

I am attempting to simply login to a website form through the app. I have used WireShark to get a better understanding of how the website login would normally work.

I seem to be heading in the right direction, but I still can't seem to login.

Button is clicked
Take all the returned content and strip out the token
POST back to website with headers, userid, password, token etc



On the app, it doesn't throw an error, but it also doesn't login

If anyone can steer me in the right direction, that would be great!

Thanks, Ben

Hi @BenjaminMonro Welcome
Can you try with the PostData method of this extension?

Thanks for your incredibly fast reply!

I have used the PostData method, however I am receiving "Attempt to invoke virtual method 'void android.webkit.WebView.postUrl(java.lang.String, byte[])' on a null object reference"

If it helps, this is the type of form I am trying to log into: https://demo.osticket.com.br/scp/login.php

Hi
You will have to correctly create a webview first using below mentioned methods:

  • CreateWebView
  • Set WebView

Also probably you will have to set post data in this way:
username=my_username&password=my_password

Let me know if this does not work.

Thanks again for your help, do you have any suggestions on where I could find these methods being used?

I have crawled through loads of articles and I can't find anything similar to mine where someone is trying to log into a website using App Inventor without using Javascript or an API.

For this reason, I used WireShark to sniff the connections when I log into the form and I got the following:

image

If you had any other articles or references that would be amazing.

Kind regards,
Ben

Unfortunately no.
I really don't know what can be done using that method.

I have a workaround if you are interested in trying:

  • correctly setup webview and load the website
  • manually login to website
  • get cookies of current URL

Here you can get an idea that how CookieManager stores login data.
Now store data in same format on user's device using SetCookies method.

2 Likes

Good idea, I'll give that a try and report back :slight_smile:

Hi again,

I have been fiddling with the Cookie idea, however it seems like the app maintains the cookie by default. I made a very simple app which has a web viewer and a button that just displays the cookie and nothing else.

When I open the app and click the button is displays the cookie "OSTSESSID=123456789123456789"

If I login and click the button, it is still "OSTSESSID=123456789123456789"

Once I have logged into the form and move around the website, the cookie remains "OSTSESSID=123456789123456789"

So I don't think I need to do anything complicated with the cookies because they don't change and they are remembered by default.

When I log into the website on Chrome, it keeps me logged in forever (it doesn't time out), however I cannot get app inventor to remember me. Any ideas?

If I remember correctly then cookies are app specific.
Can you show your blocks?

Yeah sure.

I had a much more sophisticated set of blocks, but now I am simply doing this:

When i navigate between windows inside the website, the cookie remains the same and even after I close the app and re-open it, the cookie is the same. So it doesn't look like the cookie needs to be "set".

Your suggestion to use cookies sounds like a good way to solve the problem, however I just noticed that when I close Chrome on my phone and re-open it, the website asks for a username and password again, unlike a laptop where you can log into the website, close and re-open chrome, open up the webpage and it opens without needing to re-enter credentials.

hmmmm

Seems something is wrong somewhere.
You can do:

  • try to get cookies of Google account
    But make sure you enter correct URL because a small difference in that can return different value.
  • post your AIA here

Do either of these approaches work ?

Thanks for your help on this one guys,

@TIMAI2 I have used a series of blocks further up in this thread to scrape the token out of the "responseContent" am I best to do that or just create my own static token?

Thanks again,
Ben

This is my first encounter with this type of login.

My concern regarding the token is that it relates to the web page generated. Fine if you can grab the token, but will it work if you try to login in through App Inventor (generates a new login page / token....) ?

Yes I agree. If I scrape the token its old by the time its posted. Unlike a cookie I assume you can't use the token twice. So then it might come down to order of operations? Any thoughts on what trigger is best for this? "beforePageLoad" for example?

No luck with the trying the tokens. The system seems to keep spitting errors "invalid token".

@vknow360 sorry I miss understood, get the cookies of Google account?

The cookie option might work, but just need some guidance on setting it up. If the webviewer window has cookies enabled, shouldn't it remember me after the first login?
E.g. if I have a webviewer with facebook in it, after the first login shouldn't it work until either I log out or facebook times out?

Yes.

Simply no because they get expired after specific time.

Sorry I am not sure what that means, do you mean try the whole concept on a Google account instead of the website I am using?

Do you have any article I can follow to help?

Unfortunately there is no guide available about that.
I will try it and let you know.
Kindly send an AIA and apk either here or in PM.